Encryption - Encryption Tools Matrix
This document provides a matrix of tools available to encrypt data at rest.
Caution: Encryption can make documents, files, or entire disks impossible for other people to read. It can make them impossible for you to read, too, if you loose or forget your encryption key. See Encryption - Issues to Consider Before Implementing Encryption and Encryption - Types of encryption and key concepts before you attempt to implement any of the following tools.
Note: This matrix is a work-in-progress. If the tool you want to use is not currently documented, please check back later.
Type of Encryption
Type of Solution
Windows Tools
Macintosh Tools
Comments
Document Encryption
Enterprise Level
Document encryption not supported
at enterprise level see other methods.
Self-service
Office for Windows
AdobeOffice for Mac
Adobe
File/Folder/Container encryption
Enterprise Level (keys are escrowed)
MS Encrypted File System (EFS) via AD domain
Self-service
MS Encrypted File System (EFS) without AD domain
TrueCrypt (open source) OS X Disk Utility or File Vault
TrueCrypt (open source)
USB drive encryption
Enterprise Level
(keys are escrowed)McAfee Endpoint Encryption
Symantec Endpoint Encryption (SEE)
MS Bitlocker to Go via AD domain
Self-service
MS Bitlocker to Go without AD domain
TrueCrypt (open source) OS X Disk Utility
TrueCrypt (open source)
Full Disk Encryption (FDE)
Enterprise Level
(keys are escrowed)McAfee Endpoint Encryption
Symantec Endpoint Encryption (SEE)
MS Bitlocker via AD domain Symantec Endpoint Encryption (SEE)
Self-service
MS Bitlocker without AD domain
TrueCrypt (open source) OS X File Vault
TrueCrypt (open source)
Solution Types
Enterprise Level solutions are products in which the encryption keys are escrowed in the delivery of the solution. Availability of the encryption keys allows for recovery for files and disks should it be required.
Self service solutions are solutions where the end user bears the burden of ensuring encryption keys and passwords are available for recovery. The users should consider and understand the implications of using encryption before using these tools.
Self Service Tools
PC and Mac encryption tools that are bundled with their respective OS's are the preferred self-service encryption tools. TrueCrypt, an open source product, is the preferred tool when the OS does not have an equivalent encryption tool e.g Bitlocker exists for Vista and Windows 7 only; Bitlocker is not available in Windows XP.