Encrypting Files

Main Content

Encrypting files is always a good choice to ensure confidentiality, integrity, and privacy. It is strongly recommended to always encrypt data that is extremely sensitive in nature. There are many options to encrypting files. SIU utilizes digital IDs and the Entrust Security Suite. It is recommended to encrypt files with Entrust since it utilizes exisiting resources and many SIU faculty and staff already have a digitial ID. Below are different options for encrypting files with Entrust as well as setting up encryption groups and decrypting files with Entrust.

ENCRYPTION OPTION 1:
 Single-user encryption with Entrust

1. Log in to your Entrust Security Store

2. Right click on the file you wish to encrypt and select 'Encrypt' or 'Encrypt and Digitally Sign File'
 NOTE: Multiple files may be encrypted at once however Entrust does not allow folders to be encrypted.

Right Click

3. Click 'Next'

Encrypting File

4. Select the Encryption Algorithm you would like to use then click 'Next'
 NOTE: It is recommended to use AES128 (128-bit). However if the data is extremely sensitive it is recommended to use any of the following: AES192 (192-bit), AES256 (256-bit), or 3DES.

Encryption Algorithm

5. Once complete select 'Delete the original files on finish' then click 'Finish'

Finish

 

ENCRYPTION OPTION 2:
 Multi-user encryption with Entrust

1. Right click on the Entrust icon and select 'Entrust Certificate Explorer'

Entrust

2. In the search box enter the name of the person you wish to add.

Search

3. Once found drag and drop that person's certificate into 'Other People' or 'Trusted People'
 NOTE: Repeat steps 2 and 3 if necessary

Entrust

4. Right click on the file(s) you wish to encrypt

5. Select 'Encrypt File' or 'Encrypt and Digitally Sign File'

Encrypt

6. Select 'Encrypt the files for other people in addition to myself' then click 'Next'

Entrust

7. Click 'Add'

Entrust

8. Select either individual people or your encryption group(s) then click 'OK'

Entrust

9. Click 'Next'

Entrust

10. Select 'Delete the original files on finish' then click 'Finish'

Entrust

ENCRYPTION OPTION 2.1:
 Creating Personal Encryption Groups

Entrust allows users to create encryption groups. These groups make it easy to setup encrypted files for multiple users. To setup an encryption group do the following.

1. Right click on 'Personal Encryption Group' and select 'New Personal Encryption Group'

entrust

2. Enter a name for the group the click 'Add'

entrust

3. Select people to add to the group then click 'OK'

entrust

4. Click 'OK'

entrust

5. Close the Entrust Certificate Explorer

entrust

DECRYPTING FILES WITH ENTRUST

Entrust allows users to decrypt files. Entrust will only decrypt files that were originally encrypted with Entrust. Follow the below steps to decrypt a file.
NOTE: Only decrypt files from trusted users.

1. Right click on the file you wish to decrypt

2. Select 'Decrypt, Verify and Open' or 'Decrypt and Verify'

decrypt

3. If you are not logged you will be prompted to login to your Entrust Security Store

entrust login

4. Select 'Yes' to decrypt and open your file

decrypt

5. Upon closing the file you will be prompted to delete the file
NOTE: This does not delete the encrypted file, only the decrypted file.

6. Select 'Yes'

decrypt