Encryption tools protect sensitive data from third parties. But encryption does not guarantee that files, removable media, email messages and network packets will not be hacked. Poorly written user authentication policies, configuration mistakes, social engineering and tool restrictions can all create problems. To catch these vulnerabilities, administrative policies on continuous testing and monitoring of encrypted data are in place.

One encryption tool is not enough to ensure to protect your system is protected. Security professionals need to build a portfolio of many tools—some automated, some manual, some multi-platform, some silo platform, some on the computer, some cloud-based. Building a portfolio of encryption tools helps administrators to leverage each tool’s strengths. What’s in the portfolio depends on the tools’ strengths, data type, budget and personal preferences. The portfolio can be updated with new encryption tools as the network or data type changes.

1 - Top 10 Encryption Tools You Should Know

Top 10 Encryption Tools You Should Know

One encryption tool is not enough to protect your system. Get acquainted with these 10 free or inexpensive encryption tools that use strong AES encryption.

2 - 7-Zip


7-Zip. Some compression programs encrypt contents to secure data. One favorite is 7-Zip, an open source file archiver. This free tool works with Windows and makes available a port of the command line version to Linux/Unix. The GUI interface makes it easy for the administrator to manually activate the encryption option. To get there, he right clicks a folder or file and navigates to Properties and Advanced Attribute windows. While 7z format has a higher compression ratio than zip format, both offer strong AES encryption.

3 - AES Crypt

AES Crypt

AES Crypt. A system administrator who is often on the go needs to encrypt data on his iOS or Android device. This is made possible with AES Crypt, a free open source file encryption program that was published by NIST as FIPS PUB 197. This tool also works with Windows, Macs, Linux , Java, C# and PHP. It lets the administrator backup and protect the data at a bank, in a cloud-based storage service or any place where sensitive files might be accessible by someone else. Administrators with programming skills can use Java and C# modules for integration into an application.

4 - OpenSSL


OpenSSL. Sometimes an administrator wants to secure data in transit to servers and Web applications over public and private networks. One favorite is OpenSSL for Windows, Solaris and SPARC. This cryptography and secure sockets layer/transport layer security (SSL/TLS) toolkit is the first open source FIPS-140 validation. A number of Linux and BSD distributions include OpenSSL. To make it easier to work with OpenSSL, the administrator can consult the OpenSSL Cookbook, a free ebook, for guidance.

5 - CyberGhost


CyberGhost. A system administrator uses a VPN to encrypt communication when exchanging data on the company’s private network. When he travels to the company’s distant location, his company’s VPN may not be available. To ensure his online sessions remain private, he should consider CyberGhost, a VPN alternative. Three subscription plans are available. The lowest-end option can be downloaded for free. Rates are inexpensive for the two plans with more options. All are available for Windows, Mac, iOS and Android.

6 - Viivo


Viivo. It is always cheaper to encrypt files on a desktop or device than in the private or public cloud. This is made possible with Viivo, by PKWARE, the company that invented ZIP files. This FIPS 140-2 validated tool lets the administrator encrypt files while on the go or sitting at a computer. She can sync them to a cloud storage provider and choose to share them with others. After trying it out for free, an admin can opt for a highly affordable Viivo for Business subscription plan that also offers policy and enterprise key management.

7 - OpenSSH


OpenSSH. An assessment requires a system administrator to use encryption when interfacing with remote systems. Available to her is OpenSSH, an open source Secure Shell (SSH) client and server tool developed by the OpenBSD Project. It comes with a secure command-line service for administering Linux servers. To interoperate with OpenSSH from a non-Linux client, the administrator can work with Windows,Java,Macintosh,Unix,PalmOS, Mac OS, AIX and other operating systems.

8 - GnuPG


GnuPG. System administrators often use encrypted emails to communicate with colleagues. One favorite is the GnuPG (GNU Privacy Guard) that allows an administrator to encrypt and sign his data and communication. This multi-platform freeware tool gives the system administrator three options for implementation. He can use it as a command-line application, he can install a plugin to a mail client or he can run a mail client that already includes the tool. Porting the tool to smartphones and Android will be available at a later date.

9 - HTTPS Everywhere

HTTPS Everywhere

HTTPS Everywhere. Many websites default to unencrypted HTTP or fill encrypted pages with links that go back to the unencrypted site. One solution is to redirect users to HTTPS (encrypted HTTP). This is made possible with HTTPS Everywhere, a Firefox, Chrome, and Opera extension that sets up rules to force the browser to use HTTPS. This tool also secures cookies according to rules. To download, click on a browser’s icon on the home page. The administrator should use Qualys’s SSL Server Test to check for any weaknesses in an HTTPS-based website.

10 - HTTPS Everywhere for IE

HTTPS Everywhere for IE

HTTPS Everywhere for IE Some admins prefer to use Internet Explorer over other browsers. To make IE more secure, they should consider HTTPS Everywhere for IE that redirects the users to HTTPS based on a set of rules. This tool does the same thing as the HTTPS Everywhere does for the Firefox, Chrome and Opera browsers. It works with Windows XP SP3 to Windows 8 and Internet Explorer 6 to 10. To make downloading simple, the extension comes with an installer.

11 - DiskCryptor


DiskCryptor. Encrypting a partition one at a time on a large disk can be a daunting task. A system administrator can reduce the time with DiskCryptor, an open source partition encryption tool that allows him to encrypt at the same time all disk partitions and external storage devices in a GUI interface. The administrator can create a bootable LiveCD that he can use if he is unable to boot the system in a normal way. DiskCryptor can be integrated directly into a Windows Vista/7 installation DVD, so he can run the tool from command prompt from the “Repair your computer” menu.