Learn about software for secure Email, encrypting files, and securely erasing hard drives.
By Wells Anderson
Table of Contents
Your E-mail and attachments travel over the Internet in easily readable formats. Staff at Internet Service Providers and hackers everywhere can readily intercept them. Most people that their E-mail messages and attachments are needles in the huge Internet haystack. But lawyer-client communications can contain extremely sensitive information.
“Sniffer” programs scan Internet traffic for keywords. The FBI is not the only one with Carnivore technology. Sniffers can separate your valuable wheat from the general Internet E-mail chaff. Encrypting e-mail messages and attachments may not be something you need to do every day, but when you do, you want a method that is easy and safe for both you and your client. For a readable discussion of security issues, see: Privacy and Security on the Internet by Lawrence E. Widman, MD, Ph.D..
Public Key Encryption provides the best protection for E-mail, but unfortunately its use has not become widespread among E-mail users. Both sender and recipient have to install compatible encryption software on their computers before it works. Your technologically savvy clients will appreciate your adding “Pretty Good Privacy” (PGP) encryption to your e-mail software. It integrates well into Outlook, Outlook Express, Eudora and Lotus E-mail. But many clients don’t have PGP software and don’t want to bother with it.
The latest release of PGP has an option to create attachments that can be unencrypted by any recipient to whom you give the password. The drawback of this approach is that you must communicate the password separately without using E-mail. By calling your clients before sending encrypted documents, you can let them know they are coming and give your clients the passwords.
PGP is available both as well-respected freeware and in a line of commercial products. PGP Corp.'s commercial version of PGP includes several other vital tools to protect your privacy:
ü Firewall and intrusion detection that protect against hacker attacks
ü Encrypted virtual hard drive for storing sensitive files on your PC
Pro: PGP encryption provides extremely strong protection. After both sender and recipient have it installed, it can operate in the background. No hassling with passwords.
Con: PGP takes time and a number of steps to install. If you want to send secure messages to clients who have not used it before, they will need to spend a significant amount of time to get up and running. They will need to learn perhaps more than they want to learn.
Cost: $50.00 list – PGP 8.0.2 Personal for Windows –
Free – PGP Freeware – International PGP Home Page
Free – PGP Freeware 6.5.8 – MIT Distribution Center
DataSAFE SE addresses the same needs as PGP Freeware, but is easier to install and not quite so secure. It also requires the added step of separately communicating a password to the recipient. You can download a free 30-day trial version from:. Also available is DataSAFE which offers a few more features, including drag and drop from Windows Explorer, and costs $24 more.
Using 64-bit encryption, DataSAFE SE is less secure than products using "strong" 128-bit or greater technology. But it would still take a hacker a great deal of effort to crack a DataSAFE file using one personal computer. DataSAFE is more secure than the easily cracked encryption built into current word processors.
§ 64-bit Blowfish encryption
80B West Cochran, Simi Valley, CA 93065
By donating your old PCs to charity, you help a worthy cause. But remnants of client documents and data will survive your efforts to delete them. Even reformatting the hard drive does not obliterate information that remains, just waiting for an inquisitive teenager to discover with hacker tools.
Use an effective file shredder like Disk CleanUp, available for free. It can be installed on a floppy disk that will accelerate and simplify the process of completely erasing the contents of any hard disk on a Microsoft Windows PC.
But be careful! With these utility programs, erased means really gone.
A good commercial product is DataEraser by Ontrack.
Most of the time when you send someone a document, it is fine with you if they change it. But what if you want to send a client a document that you don’t want them to alter? Or maybe you have written a long document and want to distribute it to a number of people, but you don’t want them to reuse your text?
Infraworks makes a unique product, InTether:
“InTether protects the content of files, like mp3, video, software or documents, allowing the sender of information to control how the recipient uses it, including control over printing, copying and forwarding. If you don't want it forwarded, InTether gives you that control. If hacking is attempted, the file self-destructs.”
InTether provides the most extensive choice of limitations on use and access that we have seen. You can limit viewing time, prevent screen captures, stop cut and paste, and prohibit printing. This power is not expensive, about $269 for the license to secure files and no charge for the reader software. But recipients do face the burden of installing reader software and rebooting their computers to make it work.
Price: Free for reader software; $269 for author software
Open Directory Project
André Bacard's Privacy Page
Internet Product Watch