Re: Zip encryption

[Clifford Collins <collinsc () FRANKLIN EDU>]

So, how do you prevent data leakage if you allow uninspectable, sensitive content to be sent off campus via e-mail?  
Currently, our inbound and outbound mail filters block encrypted attachments.  It's painful for some but necessary 
until we can find a suitable solution. It is certainly not perfect. Your thoughts?

Clifford A. Collins
Information Security Officer
Franklin University
201 South Grant Avenue
Columbus, Ohio 43215
"Security is a process, not a product"

----- Original Message -----
From: "Chet Langin" <clangin () SIU EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Sent: Friday, June 11, 2010 11:29:00 AM GMT -05:00 US/Canada Eastern
Subject: [SECURITY] Zip encryption


Hello,

Is anyone routinely using zip encryption
for official business?  There appear 
to be four (free) kinds available:
7-Zip, Bitser, IZArc, and PeaZip.  I
did not find 7-Zip smooth to use; Bitser
did not work for me; and, IZArc wanted
to also install spyware (OpenCandy).
PeaZip appeared to be functional, but
could be relatively difficult to teach
to non-technical users.

Other file encryption methods are available
to us, but some people want folder encryption.
My impression is that it would be easier
to zip the folder and then use another method
to encrypt the zip file than it would be
to install another program to do zip encryption
and teach people how to use it.

If people want to use encrypted folders
in place, then I guess it would be between
TrueCrypt and a zip program.  I'm not
sure which of these would be easier (or
even possible) for a non-technical user.



--
Chet Langin, GIAC GSEC Gold, GCIA Gold, GREM, GPCI
IT Information Security Analyst
Mail Code 4622
Southern Illinois University Carbondale
Carbondale, IL  62901
618-453-2639, clangin at siu dot edu