INFORMATION SECURITY

Security awareness

Information security policies

Security training materials

News

File encryption

7-Zip

The (free) 7-zip application was identified by the University's Standard Desktop Initiative group as an application which offers robust encryption facilities (AES-256). The software should soon be available on all managed PCs throughout the University. Individual files (or groups of files) can be encrypted using the software and the resultant files then sent as e-mail attachments with a high degree of assurance that should the e-mail go astray there would be little risk of inadvertent disclosure.

The main risk is the accidental disclosure of the password used to encrypt the data - 7-zip is an example of encryption based on a "shared secret" which needs to be conveyed to the message's recipient before they are able to decrypt the files sent.

Don't send the password by email - it can be intercepted easily and this defeats the whole point of encrypting the attachment in the first place. It is essential that the password and encrypted files are sent separately by different mechanisms. For example encrypt a file and send it by email, then phone the recipient to give them the password verbally.

For guidance on using 7-zip, see:

MS Office 2007/2010 file encryption

File encryption is also available in some earlier versions of Office, but we strongly recommend that you do not encrypt files in these earlier versions. The file encryption in Office 2007 works best with files saved in Office 2007's xml format (i.e. docx, .xlsx and .pptx files).

Office 2007 and Office 2010 let you easily encrypt files in Word, Excel and PowerPoint.

Warning: there seem to be problems if you try to use Word 2007 to open a password protected .docx document created in Word 2010.