Some complaints about Symantec Encryption have been heard related to the need to renew VeriSign certificates each year in order to be able to decrypt old e-mail if it’s held encrypted for an extended period of time that way. “The data we send is large files, and it’s not a problem.” “PGP works at the application layer,” says Taft, saying the hospital can encrypt with its PGP key and the recipient can decrypt with theirs. The hospital uses what’s called MOVEit Central from Ipswitch for exchange of business-to-business documents. The hospital uses the Ipswitch MOVEit File Transfer System which makes use of the protocol OpenPGP. “We have a lot of business partners,” says Dylan Taft, systems engineer at Rochester General Hospital, who says he relies on managing separate PGP-based encryption keys for secure file sharing. Not everyone, however, feels the need to migrate away from managing certificates with business partners. Symantec says it works by simply checking a box in the management server so anything sent to Dropbox is automatically encrypted with the appropriate keys. Since acquiring PGP, Symantec has released secure file-sharing with Dropbox in what it calls its File Share Encryption integration with Dropbox. “The laptop encryption for PGP, we are still using it,” he says, expressing confidence about the security and manageability involved in it. Everything is encrypted but it doesn’t depend on certificates, but strong passwords, to get information, he says.īut ECI is sticking with Symantec Encryption for some things, particularly for in-house use. It can also create directories for the cloud-based Dropbox service. Instead, ECI adopted a different type of exchange, the RSAccess product from Safe-T, in which two nodes are set up on each side of a firewall to support requests for sensitive data from suppliers, business partners and customers. Illuz said his company has migrated off the PGP-based Symantec Encryption e-mail and filing sharing software that the firm once used for secure communications with business partners. “It’s too problematic,” says Yuval Illuz, associate vice president and head of global infrastructure and IT operations at network equipment company ECI Telecom about digital certificate management among business partners. +Also on Network World: The weirdest, wackiest and coolest sci/tech stories of 2013 | The worst security SNAFUs of 2013 +īut despite this kind of PGP-related development work, one sticking point is managing the digital certificates needed for end-to-end encryption and decryption, especially when it comes to sharing files securely between two separate companies as outside business partners. The result, according to Symantec, is encrypted mail is delivered directly to a user’s device and they use the Symantec Mail Encryptor App to reply. Symantec says its email encryption encrypts e-mail directly from an end user machine. For example, Symantec offers client app software for both Apple iOS and Google Android devices as part of its Desktop Email Encryption. Symantec declines to discuss how many customers it has exactly in the PGP realm, but it does point out that Symantec has invested resources in developing what it inherited with PGP. Enterprise managers are somewhat mixed on that, though PGP, over two decades old, is so well known that Symantec, which dropped the PGP moniker in favor of “Symantec Encryption,” still reminds everyone it’s “powered by PGP technology.” In addition, there’s “OpenPGP,” the IETF standard that was championed by Phil Zimmermann, that can be implemented by companies without licensing.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |