Author Note: These are all 3rd party tools that have been recommended to me by peers and experts in the field. With that said, Thycotic does NOT endorse any of these: please explore and use at your own risk.
- Email Encryption Tool
OpenPGP – An open source encryption protocol used by many clients for providing secure encrypted email transmissions. Most email clients will require an additional plugin, such as gpg4o or Gpg4win, in order to support the OpenPGP protocol. Once you have the plugin installed you will need to generate a private/public keypair, and send any senders your public key. Additionally, for anyone that you want to send encrypted email to you, you will need to obtain their public key as well. Once you compose and encrypt your email in the client with the public, and send it, the receiver will be able to use their private key to unscramble the encrypted message.
When you’re ready to get started, you can head here: https://openpgp.org/software/
- IM / Communication Encryption Tool
When it comes to encrypted chat or instant messengers there is always one thing to keep in mind: are your chats Peer-to-Peer (P2P) or are they passing through a centralized system. The reason this is important is that if your messages are encrypted by a central company, and IF that company holds the encryption keys, then the messages could be read. With that said, most companies would never do this, because it would mean the end of their business, but it’s still something to keep in the back of your mind.
With that said, one open-source P2P encrypted chat I’ve used in the past is called bitchat at https://bitchat.im
- File Encryption Tool
There is no end in sight when it comes to file encryption software—from built-in encryptions in operating systems, open source, and paid systems as well. It’s also important to realize that there is a difference between a hard drive/hardware encryption and a file encryption, and it’s rarely an either/or situation. In many cases you will use a disk encryption for your entire system (which uses a single key to encrypt/decrypt it all), and then for files that need extra protection you will leverage a file encryption software.
System Administrators recommend to me AxCrypt: http://www.axantum.com/AxCrypt/ an free/open source file encryption software for Windows. (note: I have never personally used this, it was recommended to me)
- Hardware Encryption Tool
When it comes to hardware or full disk encryption, there are two primary versions of this: One Time Encryption and On-the-fly Encryption. With One Time Encryption, the entire disk is encrypted all at once, and decrypted all at once for access. This is the faster of the two, and is best for non-mobile devices like desktop workstations. With On-the-fly encryption, every read/write is encrypted/decrypted as it’s being used and worked on. This is great because it doesn’t require you to re-encrypt or “lock” the disk. Great for laptops or USB drives that could be stolen.
VeraCrypt is an On-The-Fly Encryption system that is recommended by many people, and is the successor to the no longer supported TrueCrypt: https://veracrypt.codeplex.com/ (note: I have never personally used this, it was recommended to me)
For full disk encryption, Windows Vista and later have been deployed with Bit Locker for free! Just type “BitLocker” into your search to begin exploring it. https://technet.microsoft.com/en-us/library/cc732774(v=ws.11).aspx
- Network Traffic Encryption Tool
Like all other encryption needs, there are a number of free and paid methods for encrypting network traffic. The two main things to consider are the encryption of traffic on your physical network, and encryption of traffic from outside of your network (such as remote employees needing access to files). The two that are used the most are OpenSSL for implementing SSL and TLS on your network for securing network traffic.
And for allowing remote employees access to your network, nothing free works better than OpenVPN: https://openvpn.net/
Now It’s Your Turn!
What other open-source encryption tools do you use in your day-to-day work environment? We appreciate your comments.
This is a Security Bloggers Network syndicated blog post authored by Jordan True. Read the original post at: Thycotic