Tales from the Crypt: Burying Open-source Encryption

Two weeks ago TrueCrypt announced that it was ceasing work on its open source encryption solution. Much to the surprise of many, their web site updated with a notification that the product as unsecure and users should migrate to solutions like the native encryption found in Windows and Mac OS X.

It was an interesting turn of events. And nothing really gets people’s attention like a warning spread across a web site that states, “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues.” While the impact on larger businesses and enterprises is likely minimal, it still highlights a key problem with security that is open source – there’s no accountability to make sure it’s secure.

We’ve regularly been asked about TrueCrypt as a solution for business customers and we typically raised the issues of security, support and ultimately, accountability. While ‘free’ always sounds good, there are always strings attached. If a user has problems with open source software, who do they call to get help? Who helps troubleshoot and fix the issue? This alone is enough reason for a larger business to steer clear from an open source security solution.

The good news is that TrueCrypt has done the right thing. They informed users and suggested alternatives, and very good alternatives at that. BitLocker and FileVault are excellent encryption solutions and can meet the needs of many customers. For the larger business/enterprise, they’ll likely need more and that comes with central management.

It’s exactly why we introduced the ability to manage BitLocker with SecureDoc in May. We can help organizations take advantage of great native encryption solution, but then add extra layers of security with more robust authentication and key management.

RIP TrueCrypt.

Previous Post
Ruggedly Secure
Next Post
Computer Forensics and Self-Encrypting Drives

Related Posts

SecureDoc 6.2 is here!

As we teased last week, we have been gearing for a launch today and that launch is SecureDoc 6.2. Now, it may not seem like a significant step from 6.1 to 6.2, but it’s more than just what’s in the…
Read more

An innovative approach – CIOSynergy

Last week I had the opportunity to attend the CIOSynergy event in Toronto at the Trump Hotel & Tower. It was an interesting day of interacting with key IT decision makers within various organizations and learning about some of the…
Read more

Nothing is ever ‘free’

Last week I attended SC Congress in New York and did a presentation talking about the results of our study with the Ponemon Institute and the cost of data encryption solutions. It was a good event, well attended and there…
Read more

On the Right Track for India Expansion

WinMagic has been on a roll lately working with partners like Guidance Software and our ongoing relationships with HP, Lenovo and Motion Computing. We’ve also focused on our global growth this year expanding our business in India. (more…)
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.