Posted by: Ken Harthun
Encryption, Secure Computing, Security
There’s an old saw in security circles: “complexity is the enemy of security.” The more complex something is, the more likely there will be flaws to exploit. Too, there are times when you just don’t need the strength of AES encryption. Case in point: the company I work for utilizes a practice management and documentation system to keep track of service tickets, inventory, server & network configurations, and other customer information. Since the software is web-based (which makes it a potential attack target), we needed a simple method to securely store client passwords and remote access configurations. The solution was Iron Key (not to be confused with the secure flash drive of the same name), a free version of Silver Key–a program for creating self-extracting encrypted files.
The program is perfect for safely sending files over the Internet, even those that contain sensitive personal and financial information. For example, say you have an electronic copy of your tax return that you need to email to your accountant; easy, just drag and drop it onto Iron Key, set a good passphrase and send it along. Your accountant does not need any cryptographic software in order to decrypt the file; all he needs is to run the file and enter the right password, which you can tell him over the phone.
It doesn’t get much simpler than this.