by CData Arc Marketing | August 21, 2019

4 Ways to Use Open PGP


Numerous high-profile data breaches have shined a spotlight on the need to protect sensitive data. Encryption is a popular solution because it locks away data or files in such a way that even if they are breached, no one can access, view, or read the contents of the data.

One of the most popular methods for encrypting files is PGP, which stands for Pretty Good Privacy. Created in the 1990s, PGP is currently owned by the security software company Symantec. Open PGP is the open-source implementation of PGP used universally in file transfer, SaaS and security tools and is what is most commonly meant when referring to standard PGP encryption.

Unlike file transfer protocols that incorporate encryption, such as AS2 and SFTP, that *only *encrypt data in motion, Open PGP can be used to encrypt both data in motion and data at rest. Open PGP works with any type of data, including video, plain text, and CSV.

As a result, it supports a wide variety of use cases. The following are four of the most popular ways to use Open PGP.

1. Encrypt Files to Safeguard FTP & Other Unsecured Protocols

Some file transfer protocols include encryption; for example, FTPS includes TLS (formerly SSL) encryption. But if you want the flexibility to use an unencrypted protocol to transfer files, such as FTP, you'll need another way to protect your data. Open PGP provides the answer.

2. Meet Regulatory Requirements

Many attacks today result when cybercriminals steal someone's user credentials through exploits such as phishing and then "walk in the front door." Once inside, these advanced persistent threats can typically go anywhere in the network, accessing sensitive data and applications. To protect data from such exploits, many regulations, such as GDPR, demand encryption as a necessary technical and organizational countermeasure. Financial institutions, healthcare organizations and other regulated industries can all use Open PGP to safeguard sensitive files, even when they are at rest behind the firewall.

3. Encrypt Data in Your DMZ

You may have servers in a DMZ that store data at rest. Because the DMZ is a public area, it's more susceptible to being attacked than a server that exists behind a firewall. If you have files sitting in the DMZ for any length of time, you'll want to encrypt them, and you can do that with Open PGP.

4. Encrypt Cloud Data Client-Side to Retain Control

If your data is stored in a cloud service like Amazon S3, Google Cloud Storage, or Azure Files, you may want to protect that data by encrypting files *before *they get there. While many cloud platforms natively support encryption, there are major privacy concerns, as they can also decrypt your data. Using Open PGP allows you to retain tight control of your data, so only you and your authorized users can decrypt it. Open PGP also adds a layer of security, should your cloud storage service suffer a major breach.

CData Arc Manages Your Open PGP Encryption

If you want to secure your data in motion or at rest using Open PGP encryption, the whole process will be easier with a managed file transfer (MFT) solution. An MFT solution, such as CData Arc, which manages the secure transfer of data across the network, can automatically manage your keys and handle encryption and decryption for you. As a result, you have total flexibility with the file format you choose — you can use FTP rather than FTPS or forego the need to set up an AS2 connection — while still protecting your sensitive data.

This powerful encryption comes standard with our CData Arc MFT offering.