Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Sending things securely?

  1. #1
    Senior Member Webhead's Avatar
    Join Date
    Jan 2014
    Posts
    1,829
    vCash
    500
    Points
    680,388
    Bank
    0
    Total Points
    680,388
    Donate

    Sending things securely?

    Any thoughts on this? At work someone wants to interact with a financial institution. They want to exchange documents over the Internet with each other. She wants to email documents to them and receive things from them and asked me about security. Personally, I think it's ill-advised to send anything over the Internet that you want to be "secure". I also told her about PGP and GPG and about how that's how it would be done but about how those methods might be complex for them. I recommended using USPS actually but she said that's too slow. Now I'm thinking about them using Box.com but my gut is telling me that's just a security problem waiting to happen.

    So not really sure what to do. I told her that for now, if she absolutely has to do this, then use this program AxCrypt and encrypt the file before sending and have them use AxCrypt to decrypt the file at their end. What do you guys think? No good?

  2. #2
    Senior Member CeeBee's Avatar
    Join Date
    Jan 2014
    Posts
    1,677
    vCash
    1792
    Points
    141,493
    Bank
    0
    Total Points
    141,493
    Donate
    PGP-encrypted (2048 bit +) over SFTP. That's what most financial institutions use.

  3. #3
    Senior Member Webhead's Avatar
    Join Date
    Jan 2014
    Posts
    1,829
    vCash
    500
    Points
    680,388
    Bank
    0
    Total Points
    680,388
    Donate
    Quote Originally Posted by CeeBee View Post
    PGP-encrypted (2048 bit +) over SFTP. That's what most financial institutions use.
    Secure yes,... but doing it this way would require a good amount of user training. And if it's anymore more complicated then simply attaching a file, they never want to do it.

  4. #4
    Senior Member CeeBee's Avatar
    Join Date
    Jan 2014
    Posts
    1,677
    vCash
    1792
    Points
    141,493
    Bank
    0
    Total Points
    141,493
    Donate
    No big training. Create a drop folder on the encryption server and have a script poll that folder for new files and encrypt them. Files will be available in encrypted format within seconds. Easy to do in a batch or powershell script.
    There are also apps that can do it automagically for the user, but the dictator in me wouldn't trust the users with giving them the encryption keys.
    When you work with other parties you MUST choose a solution that can be implemented on any common OS (XP to Win8 and several Unix/Linux flavors). Financial institutions usually deal with PGP and they will *NOT* allow the installation of whatever software you want them to use - you must conform to what they use.
    Some may require you to drop the files on a FTP site so your users must be ready to do it - or you can have a script handle that too...
    Last edited by CeeBee; 10-22-2014 at 01:22 AM.

  5. #5
    Senior Member Webhead's Avatar
    Join Date
    Jan 2014
    Posts
    1,829
    vCash
    500
    Points
    680,388
    Bank
    0
    Total Points
    680,388
    Donate
    I do appreciate your suggestion CeeBee, however this is just confirming my original thoughts that PGP and GPG are the only way to do this. I was just hoping to see if there was some other automagic zero configuration app that I hadn't heard of before hat would do it. Also, they ended up deciding to just do snail mail so I'm out of the woods on this one.

    I wonder if using Kim Dotcom's "Mega" cloud service would be secure. I see mixed results when I read up on it. He claims it's very secure though.

  6. #6
    Senior Member CeeBee's Avatar
    Join Date
    Jan 2014
    Posts
    1,677
    vCash
    1792
    Points
    141,493
    Bank
    0
    Total Points
    141,493
    Donate
    Quote Originally Posted by Webhead View Post
    I wonder if using Kim Dotcom's "Mega" cloud service would be secure. I see mixed results when I read up on it. He claims it's very secure though.
    Regardless of the security of the transmission/storage medium, you must be able to send a message that a) cannot be read by other parties and b) cannot be tampered with. PGP will do both, even if someone steals the decryption keys from the intended recipient, they still cannot modify the file and sign it to make it look like sent by you because they don't have your private key.

  7. #7
    Senior Member Webhead's Avatar
    Join Date
    Jan 2014
    Posts
    1,829
    vCash
    500
    Points
    680,388
    Bank
    0
    Total Points
    680,388
    Donate
    Microsoft should add PGP into Outlook so that a user can just press a button and it all gets configured. Or maybe that already exists and I don't know about it. I'm going to look into this....

  8. #8
    Senior Member CeeBee's Avatar
    Join Date
    Jan 2014
    Posts
    1,677
    vCash
    1792
    Points
    141,493
    Bank
    0
    Total Points
    141,493
    Donate
    Quote Originally Posted by Webhead View Post
    Microsoft should add PGP into Outlook
    Since PGP and alternative open-source implementations are third-party solutions, this makes no sense from a business perspective.
    Once you add support for something you have to support it.
    There are third-party plugins for those interested.
    https://www.google.com/search?q=outlook+pgp+plugin+free

  9. #9
    Senior Member Webhead's Avatar
    Join Date
    Jan 2014
    Posts
    1,829
    vCash
    500
    Points
    680,388
    Bank
    0
    Total Points
    680,388
    Donate
    Quote Originally Posted by CeeBee View Post
    Since PGP and alternative open-source implementations are third-party solutions, this makes no sense from a business perspective.
    Once you add support for something you have to support it.
    There are third-party plugins for those interested.
    https://www.google.com/search?q=outlook+pgp+plugin+free
    They are one of the largest companies in the world. They can support it. Security should be built-in.

  10. #10
    Senior Member Webhead's Avatar
    Join Date
    Jan 2014
    Posts
    1,829
    vCash
    500
    Points
    680,388
    Bank
    0
    Total Points
    680,388
    Donate
    That said, this looks interesting: http://office.microsoft.com/en-us/ou...010355559.aspx

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •