Your sensitive data is a bounty sought after by malicious agents. If you have an internet connection, attackers have an abundance of entry points to your computer. Even if you’re careful, you could lose your laptop, or someone could steal your external hard drives. You’ll need a comprehensive data safety strategy if you want to keep your private information truly private.
Your computer can be a fortified castle surrounded by a moat, with a heavy vault in the center, or it can be an isolated log cabin with too many windows and a flimsy lock on the front door. Solid defense is built in several lines and on multiple fronts.
Antivirus software defends against incoming attacks. A VPN masks your outgoing traffic. A password manager fortifies your defenses. Having backups of important files is a failsafe damage-control measure.
The best encryption software – that’s the stone vault buried deep in the dungeons underneath the keep.
Encryption software uses cryptographic tools to scramble the bits and bytes of a file and make it unreadable. That way, even if an attacker manages to fool the guards and traverse the dividing walls, he is faced with the insurmountable hurdle of decrypting the information.
The castle simile, however, runs short here. Besides data at rest, encryption software can also protect data in transit. Every email, video, and audio file you share can be intercepted, viewed, and altered en-route. While a VPN masks the origin point of a piece of data, it does not render it unreadable. Encryption software ensures that data in transit can only be viewed by the intended recipients.
Installing NewSoftware’s Folder Lock is like installing a safe in your office. Imagine a compartment where you keep your most valuable items and possessions safe from harm and prying eyes; Folder Lock’s “Lockers” are essentially that.
The software creates a specialized encrypt folder or “Locker,” which requires a password for access. These folders are invisible in the standard Windows Explorer and can only be accessed through the Folder Lock application.
Folder Lock operates on a simple-to-use drag-and-drop basis. Simply select the files you want to protect and drag them into the application window.
The software not only protects files with a password – it also encrypts them using an uncrackable 256-bit algorithm. Every locker can be backed up online in cloud storage. That means even if you lose your computer, your valuable files can be recovered in minutes.
This folder encryption can even be used on USB flash drives and CDs – simply copy and paste a Locker onto an external storage device and make your files secure in transit. The same process can even be applied to email correspondence, making it safe to transfer sensitive information conveniently over email.
Other features of this software include making specialized Lockers for financial information, which are called Wallets. There’s also a deep, thorough browser history clean for covering your online tracks, and the “Shred” feature, with which you can permanently and securely delete data.
When first activating the program, you’ll be prompted to make up a master password that will be integral to the safety of your files. This password will be used for everything from decrypting your files to uninstalling the program. Be sure to keep this password safe.
Folder Lock is available as a 30-use free trial. After that, the software costs $39.95, which is really not a lot considering the level of safety and peace of mind this product offers.
When file encryption becomes a chore, you run the risk of neglecting it and putting your sensitive data at risk. That’s why it’s good to have a seamless and easy way of protecting your work and confidential information.
That’s one of the main advantages of AxCrypt’s workflow; you can encrypt, edit or share a file from the right-click context menu. AxCrypt doesn’t just make the encryption process easier; sharing the encrypted files to other users also becomes a breeze.
Moving data is known to be the most vulnerable. Intercepting third parties can always get in the way and view, or even edit, files that are in transit. AxCrypt’s key sharing feature makes it easy to share encrypted files that are impossible to tamper with.
Simply send the encrypted file via email and add the receiving address to the whitelist in the application interface. Your team member will then gain viewing and editing access, even if they do not own AxCrypt. They will get a free AxCrypt ID for identification purposes.
Password management is also a crucial part of cyber hygiene that AxCrypt helps you with. The password management feature allows you to encrypt and store all of your passwords online. Another great organizational feature this software provides is the secure folder feature. You can designate a folder in which all files are automatically encrypted and made safe. AxCrypt also detects any cloud storage you’re using and secures those files as well.
Axcrypt’s main downside is that it is incapable of creating encrypted folders. It can only encrypt individual files.
The free version of AxCrypt will get you the basic features, like AES128 encryption and the ability to open keys that have been shared with you.
For $35, AxCrypt Premium will get you the virtually unbreakable AES-256 encryption algorithm, all of the features we’ve covered in this guide, plus dozens more that we didn’t even have time to mention.
Losing an external hard drive or having it stolen is something that can happen to anyone. This can be a real disaster if the disk contains valuable and private information. If you plan on transporting delicate information physically, it’s highly recommended you encrypt it.
Jetico’s’ BestCrypt Volume encryption is the best disk encryption software on the market. The smooth interface, the strength of the encryption, and the customer support Jetico offers all add up to create a one-of-a-kind product.
You can encrypt your entire computer, several disk volumes, or a single volume. You also have the choice of encrypting just part of the drive with data on it, or the entire drive. BestCrypt uses the most secure, uncrackable encryption algorithms – including AES, Serpent, and Twofish – with the largest key sizes.
The BestCrypt Volume Encryption can protect your boot and system files as well. This ensures that no one can even turn on and boot your computer without a password. Your drives are protected even when your computer goes into hibernate mode – an authentication password will be required to wake the device.
If you’re storing confidential information that could make you liable under the GDPR or HIPAA, BestCrypt’s got you covered. The information encrypted by the software is rendered unintelligible and you are thus exempt from data breach notifications if your devices get stolen.
Jetico boasts a no-backdoor status on all its software, meaning that it has never included any weakness in the software that would provide a means for hackers to bypass the authentication requirements.
This hard drive encryption software can also be used to lock and protect USB drives. That makes it very useful for accessing files on computers that do not have BestCrypt installed.
The downside to this software is that it requires a separate purchase for shredding files and volumes. The possibility of piecing the unencrypted originals together if they are improperly deleted defeats the purpose of a file locker.
Jetico’s BestCrypt Volume Encryption software is available for both Windows and iOS. One year of full service will cost you just under $100. If you’re interested in purchasing the enterprise edition with over 20 accounts, you’ll need to ask Jetico’s customer support team for pricing.
Collaboration via email has become an integral part of modern business. This leads to 74% of a company’s intellectual property appearing in emails, according to Osterman Research.
Every single email is a liability. Data in transit can be intercepted, viewed, and even altered in a large number of ways.
Using an email encryption service ensures that even if malevolent agents get their grubby hands on your or your employees’ correspondences, it will be encrypted into oblivion.
Symantec’s encryption is one of the best secure email tools to use to protect your sensitive data and that of your company. The process is automatic and seamless. Encryption occurs in the client, which ensures emails are safe even before they hit internal networks or are uploaded to the cloud.
The software is compatible with both Windows and Mac operating systems, as well as with mobile devices. The extreme vulnerability of mobile devices makes this a very useful feature. Again, the software works with both Android and iOS devices.
No two companies are alike, a fact Symantec is very well aware of. That’s why Symantec’s encryption policies and procedures are highly customizable to meet the needs of your company. If the safety experts in your company opt out of installing the software on each client, Symantec also offers server-level gateway encryption.
Symantec’s mail protection is PGP encryption software. Even though PGP modestly stands for “pretty good protection,” it’s one of the strongest protocols available. The message is encrypted with a randomly generated symmetric key. The symmetric key is then encrypted with the receiver’s public key. The receiver then uses their private key to decrypt the randomized symmetric key and uses it to decrypt the message. This system also creates “digital signatures,” identifying pieces of data that act as a guarantee that the encrypted message has arrived at its destination unchanged and intact.
This product is meant for companies, so prices can be tailored to each customer’s needs in negotiation with Symantec’s support team.
While this article mainly focuses on encryption software, a piece of hardware has made it on the list. The eNova Enigma Series consists of three products that use USB ports to make your encryption strategy more portable.
The Enigma I is probably the most interesting product in the series. It’s an intermediary between any kind of USB mass storage device and the computer you are transferring files to and from. It contains the best USB encryption software.
When you plug the Enigma I into the computer and the USB storage device into it, all files going into the storage device are automatically encrypted. On the flipside, the decryption of files going out of the drive is just as seamless.
The Enigma does not slow down or in any way interfere with the file transfer process. This holds true for all generations of USB ports, from 1 to 3.
When an encrypted storage device is plugged into a computer without the Enigma I dongle, the operating system sees it as a blank drive and offers to format it. Be careful not to do that, because it will delete all data on the drive.
The Enigma I uses the CBC (Cipher Block Chaining) encryption method. It encrypts the plaintext data block by block, incorporating the encryption of the previous block for each subsequent one. This means that decrypting a single block, a task difficult in of itself, will not give you access to any of the other ones. AES256-strength encryption adds an extra layer of protection.
The Enigma I can be used on any USB interface. Prior to that, an initialization process must be finished on a Mac or PC device. When it is first inserted, the OS reads the Enigma I as part of a CD-ROM drive. It contains a password utility app, which sets up the Enigma I recovery password. If you lose your Enigma I dongle, you will be able to access your encrypted files with another unit using the same password. The password has a maximum length of 32 characters. Take extra steps to ensure no one gets their hands on the password.
The cloud represents a revolution in the way we handle data storage. Be it for personal use or collaborative efforts, being able to store and access files remotely is a huge benefit and a major shortcut in workflow. Over 40 zettabytes of data is projected to be in circulation on the cloud by the beginning of the next decade.
The new technology does, however, come with its drawbacks. You are lending your files to be kept by a third party, which is always a liability. Data breaches often take place silently and are only noticed years after the fact.
While most cloud providers offer a basic kind of server-side encryption, that still means they are the sole key holders to your sensitive data. If you plan on storing any type of confidential information online, it’s time to take matters into your own hands and invest in cloud encryption software.
Boxcryptor is the best cloud encryption software on the market. It supports more than 30 cloud storage providers, including, of course, the most popular ones like OneDrive, Google Drive, and DropBox. The encryption happens on your own device, before the files are uploaded to your preferred cloud provider.
The workflow is seamless – Boxcryptor creates a virtual drive on the cloud. All files uploaded to – or created within – that drive are automatically encrypted. Editing the encrypted files takes no extra steps. The result is a AES256 encrypted database that only you hold the key to.
That means only you – Boxcryptor follows the ZeroKnowledge paradigm that disallows encrypted file access to any third party, including Boxcryptor employees themselves.
It costs you nothing to give Boxcrpytor a spin. Literally – the free trial lets you try out the basic encryption features on one cloud provider and two of your favorite devices. It also lets you share encrypted files to people who do not own Boxcryptor, via Whisply. Whisply is a secure link-sharing service also developed by Boxcryptor.
The Boxcryptor Personal package adds filename encryption and allows you to connect an unlimited number of devices to an unlimited number of providers. It will run you $48 for a yearly plan.
The Business plan includes group accounts for hierarchical management. It will set you back $96 for an annual plan.
VeraCrypt is proof that good encryption relies solely on key secrecy. Even though the software is open-source and anyone can gain access to the ciphering algorithm, it still provides AES256-strength encryption.
VeraCrypt is high in the running for the best encryption software for Windows. All you have to do is keep your private key private. It supports both PC and Mac, although some features are unavailable for Mac devices.
In the spirit of open-source software, the VeraCrypt website offers a rich library of knowledge on this specific tool, and on encryption in general. The beginners tutorial guides you through each step of the installation process and shows you how to set up your first encryption folder. It holds your hand all the way through the process. We recommend you download the software directly from the site and look up how to encrypt files there as well.
VeraCrypt offers on-the-fly encryption. There’s no downside to using the software; it won’t slow down your processor and uses no RAM resources while encrypting and decrypting files. That is achieved through parallelization and pipelining.
Parallelization is the process of employing all available processor cores simultaneously when encrypting files. The speed of the process is directly proportional to the number of cores used. Thanks to pipelining, an application trying to load an encrypted file from a VeraCrypt drive doesn’t have to wait for the entire decryption process to finish. This feature is only available for Windows encryption.
You can choose to mount a single folder or an entire partition. All files copied to this folder will be encrypted with an algorithm of your choice. If you’re new to encryption software, we suggest you stick with the suggested AES256 algorithm. Chances are your processor supports the hardware-acceleration feature for AES256, making the encryption process even faster.
VeraCrypt is a bread-and-butter application that will serve your basic encryption needs. That said, the software offers no dedicated email or cloud encryption, for example. While these may be standard features in other software, we have to remember that VeraCrypt is freeware. Download the program, try it and if you like it, donate to the cause!
When German passion for precision and American ingenuity combine, fireworks are bound to go off. That’s what’s happening with Simlpleum, the German-developed encryption software for Mac and iOS devices.
The software is specifically designed with Apple devices in mind. It integrates seamlessly with the Mac operating system – everything is done on a drag-and-drop basis from the finder into the Safe folders, which encrypt the files. Safe passwords are hidden from anyone, including Simpleum staff, so be careful not to lose yours. Physically printing the passwords goes a long way toward securing the passwords, while making sure they remain accessible.
Simpleum’s data encryption adheres to the industry-standard AES256 protocol. Editing is easy and safe, as the files stay encrypted during the entire process. This also means that there are no file remnants on the hard drive, as the files are edited directly in the Safe folders.
Losing an iPhone is always painful, even if you only take the financial aspect into account. With SimpleumSafe you can at least ensure that sensitive files and photos are secure if you lose your Apple device. When you use Simpleum software to encrypt files, they will be GDPR-compliant. That protects you if your device gets compromised while carrying other people’s sensitive data.
The best part of SimpleumSafe is the easy connectivity and file syncing between all of your Apple devices. There are three ways you can connect your iPhone, iPad, and Mac devices – through the iCloud, through Wi-Fi (this requires no internet connection), and through a shared folder (only Mac-to-Mac). Using Simpleum’s simple interface, you will be able to share, edit, and update encrypted files between your devices with ease.
For a mere $36, you’ll get access to the best iOS and Mac encryption. When you consider how much you’ve already invested in your Apple device, it’s irrational not to boost its safety. If you’re a student, you can also look forward to a 30% discount from Simlpleum.
1. Folder Lock – Easily create a file vault (a ‘Locker’) and simply drag and drop files to encrypt.
2. AxCrypt – Seamless, on-the-fly, single-file encryption software.
3. BestCrypt – Volume, partition, or full disk encryption in a matter of seconds.
4. Symantec PGP Email Encryption – Encrypt email communication before it reaches any internal or external servers.
5. eNova Enigma Series – A USB device loaded with software to automatically encrypt an external hard drive or any other USB storage device.
6. Boxcryptor – The best solution for frequent users of cloud storage.
7. VeraCrypt – A free, open-source option considered to be among the best Windows encryption software because of its simplicity, security, and speed.
8. SimpleumSafe – Ciphering software designed specifically for Apple users.
Encryption is the process of scrambling a message according to a rule, called a cipher or encryption algorithm. The encrypted message is only meant to be legible to a receiver who possesses the tools to decrypt it. The study and practice of encryption is called cryptography.
Encryption is as old as written language. As soon as we could exchange written messages, we needed a way of making them private and illegible to anyone but the receiver.
The simplest way to encrypt text is a substitution cipher. Each time the letter ‘A’ appears in a message, substitute it for a ‘T’, for example. Assign a substitution for each character and voilà – you’ve got a message that is only legible to those who know which letter stands for which.
This cipher, or encryption algorithm, is the most rudimentary method of encryption. It can serve as a basis for more complex ciphers, like the famous Enigma of the German WWII effort. But, as the results of the war show, these codes are crackable.
Advances in computer technology have allowed for much more sophisticated and tougher-to-crack ciphers.
There are two main types of encryption: private key and public key encryption.
The same key is used for encrypting and decrypting a message. The main task for conducting this type of encryption is safely sharing the key between both parties before exchanging messages.
This system uses a pair of keys – one for encryption and another for decryption. The sender uses the receiver’s public key to encrypt the message. As its name suggests, this key is not secret and is available to anyone who wants to send a message to its owner. The recipient then uses their private key to decrypt it. Again, the name says it all – this key should be kept secret by its owner.
A hierarchical system of policies, authorization levels, and roles used to establish a secure network is called a public key infrastructure (PKI).
A key is a specialized sequence of characters used together with an algorithm to encrypt a message. The same algorithm used on the same text will return a different output, depending on the key that’s used.
In cryptography, Kerckhoff’s principle statesL “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.” It’s a rephrasing of Shannon’s maxim: “The enemy knows the system.”
They both highlight the importance of encryption keys – cryptographical systems should be designed in such a way that a ciphered message is unreadable without the key, even if the algorithm is known.
In encryption software, the private key system is mainly used for data at rest, saved to persistent storage.
The public key system is used for the communication of encrypted data (data in motion).
AES 256 encryption – whether you’re a paranoid inventor locking your patents away from your imaginary arch nemesis, or a government agency employee handling national threat-level security, the Advanced Encryption Standard 256 is what you adhere to.
Without getting into too much detail, AES256 ciphers operate on the same basis as simple elementary school substitution ones, only on a much, much (much!) larger and more complex scale.
The number in the title means this encryption uses 256-bit keys. We will not confuse you with “atoms in the universe” comparisons of how strong these encryption methods are. If they’re good enough for the US Government (and they are), they’re good enough for you.
The software we list on this page all includes 256-bit encryption – the only thing you need to worry about is keeping your password safe and hidden.