Choosing the Right Encryption Solution

Padlock The flexibility in GoAnywhere Director allows you to choose the encryption method for each Project. For instance, you may want to use a password-based encryption method (such as ZIP) when exchanging not-so-sensitive data with a customer, whereas choose a key-based encryption method (such as Open PGP) when exchanging highly-sensitive data with a bank.
 
The following questions should be asked before choosing the encryption method to use:
  1. How sensitive is the data being exchanged?
  2. How will the data be transported (e.g. FTP, Email, HTTP)?
  3. Are large files being exchanged (which should be compressed)?
  4. Should the files be encrypted (before transmission) or should the connection be encrypted?
  5. What encryption methods can your trading partner support?
A trading partner may dictate the methods(s) of encryption that they support. For instance, many banking institutions require that their customers encrypt files using the Open PGP encryption standard. Listed below are several sample scenarios and the recommended encryption method(s) to use.
 

Scenario 1

You need to send your price list file to your customers over email. You want to make it simple for the customers to open the file. The price list information is not that sensitive, but you would like to at least password-protect it.
Recommendation: ZIP with standard password protection or ZIP with AES encryption
 

Scenario 2

You need to send your payroll direct deposit information to the bank. This information is considered highly sensitive. The bank wants you to send this information over a standard FTP connection.
Recommendation: Open PGP or GnuPG (GPG)
 

Scenario 3

Your trading partner wants to exchange information with you over a secure FTP connection. This trading partner wants to authenticate your company with a password or public key.
Recommendation: SFTP (FTP over SSH)
 

Scenario 4

Your trading partner wants to exchange information with you over a secure FTP connection. This trading partner wants to authenticate your company with a signed certificate.
Recommendation: FTPS (FTP over SSL/TLS)
 

Scenario 5

You need to send purchase orders to your vendors, which you consider as fairly sensitive. The files can be rather large in size and should be compressed. The purchase orders could be sent over standard FTP connections or via Email.
Recommendation: ZIP (with AES encryption) or Open PGP
 

Scenario 6

You need to send EDI information securely to a trading partner and you need confirmation that they received the exact document(s) you sent them.
Recommendation: AS2 (Applicability Statement 2)
 

Scenario 7

You need to send sensitive information in the message body of an email.
Recommendation: Secure Email

GoAnywhere Director can be installed onto Windows, Linux, IBM i, AIX (pSeries), UNIX, HP-UX, Mac OS and Solaris platforms.  IBM i is also referred to as System i, iSeries, as400, as/400 and i5.