Content

FileAssurity OpenPGP

FileAssurity Open PGP is designed to be a low-cost alternative to PGP, while retaining full compatibility with PGP. With it, you can generate, import and export X.509 and PGP keys and it also supports encryption/decryption and digital signing/verifying of standard PGP files. Files or folders may be encrypted for storage or transmission by email. Bulk data encryption is carried out using 256-bit AES, with public-key-based Diffie-Hellman being used for session key exchange. RSA and DSS are used for digital signatures. Another feature is secure deletion according to U.S. government DOD 5220.22M. All 32-bit Windows platforms are supported.

It supports PKI in a completely open way. Once installed, you can easily start to use the PKI facilities. Simply import the public keys of all your intended recipients, set up your own keys, select the files to encrypt and choose for whom you want to encrypt them.

There is a built-in key manager that enables you to generate your own X.509 and OpenPGP certificates and keys - or you can import them from any certificate authority. There is also a backup and restore facility for archiving keys. Although not present in the software tested, a Central Administration utility fully supports central key management and key recovery for an additional cost of $20 per user. There are other PKI facilities - for example, the keys signed by the major certificate authorities are automatically recognized, and this feature shields you from the complex process of importing root certificates to verify keys. A secure password-based logon is required to access all keys.

Email attachments may be encrypted and digitally signed, regardless of which email client you use. You simply right-click on the file icon within FileAssurity OpenPGP's browser window, and select the option, "send to mail recipient" from the pull-down menu. Then your default MAPI email client is automatically opened ready to send the file. ArticSoft claims that this approach is better than full integration with an email client as it avoids the risk of compromise due to vulnerabilities in the email client software.

You can also send encrypted files to people who do not use any version of PGP using a free downloadable reader, which the recipient can use to generate a public-private key pair and then decrypt your message using his public key and finally verify your digital signature.

Product title
FileAssurity OpenPGP
Product info
Name: FileAssurity OpenPGP (Encryption group test) Description: Price: $49
Strength
Works with any email client. 
Weakness
No support for two-factor authentication.
Verdict
A competent file encryption system that supports PKI in an open and easy-to-use manner.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.