is there an OpenPGP expert in the house?

T

tdowning

Gawd
Joined
Oct 7, 2000
Messages
518
I'm volunteering for a local organization, and I'm working on setting up secure e-mail, and I have a few questions.

1. Can anyone recommend a forum where I can get help from greater geeks than I?

2. Is it possible to have a public key-server inside our network set up such that only one or two network admins can add a key to the server and then configure the client software, (most likely Outlook, but Thunderbird is not out of the question,) to pull public keys from there and automatically trust them, or at least automatically trust all keys from there for addresses for *@ourdomain.org

3. Symantec has a server-side system for managing this, but at a cost of over $5000 for just that system, is out of the question. Are there F/OSS equivalents?

The total number of users is 25, and the budget is next to nothing, so manually configuring clients is not out of the question.

Thanks in advance,

Tim D.
 
What type of organization? Are there email security requirements at hand that caused you to look at OpenPGP as a solution?
 
sorry it took me awhile to get back, been busy, It's a local non-profit, and the clientele is all people with physical and/or mental disabilities.

Cost is very critical. For comparison, the server software alone for Symantec's centrally managed system would be over $5000, therefore looking at F/OS options.

We are standardized on Outlook, however because MS donates licenses for very small fees through techsoup.org

We would like to have email encrypted because it is presently being handled by our web hosting company, because using insecure e-mail to communicate any kind of Protected Health Information leaves us open to liabilities. The program director has mentioned changes to HIPPA in connection to this. Researching how exactly HIPPA is changing is next on my to-do list
 
Outlook with what email server?

You may just need to buy an appropriate certificate and configure TLS. Definitely less than $5k.
 
I'm not a PGP expert but the only advice I can provide is DO NOT install this along side Cyber Armor (a AV/Firewall app). #LFMF

Long story short, when I was a summer student for the company I work for now I was tasked with testing PGP. I installed it on my machine. Totally trashed it. turns out it was a conflict with Cyberarmor. Took note of that and tried to find a work around. Ended up they just did not go with that product.

Fast forward to after I'm done school, graduated, and working full time for the company. Another tech was tasked with installing it on a bunch of users' PC, no testing. I was not aware of that. It trashed that entire departments' PCs. When I found out I told him I knew about that issue. :D Fun times...

I don't know if Cyberarmor is even still around these days though... but every time I hear about PGP I think of this so thought I'd mention it.
 
Red Squirrel said:
I'm not a PGP expert but the only advice I can provide is DO NOT install this along side Cyber Armor (a AV/Firewall app). #LFMF

Long story short, when I was a summer student for the company I work for now I was tasked with testing PGP. I installed it on my machine. Totally trashed it. turns out it was a conflict with Cyberarmor. Took note of that and tried to find a work around. Ended up they just did not go with that product.

Fast forward to after I'm done school, graduated, and working full time for the company. Another tech was tasked with installing it on a bunch of users' PC, no testing. I was not aware of that. It trashed that entire departments' PCs. When I found out I told him I knew about that issue. :D Fun times...

I don't know if Cyberarmor is even still around these days though... but every time I hear about PGP I think of this so thought I'd mention it.
Click to expand...


I though you were going to make the long story short.....


Op, I 2nd the decision to move to hosted email... If you're a 501c3 you should be able to get google apps free of charge...
 
Thanks for the Google Apps suggestion, I called the sales number to confirm that it is free to 501c3 orgs, (It is, but there's an application process,) and discussed it with my boss.

Moving our e-mail to google apps would solve some problems, (just yesterday I was having issues with slow delivery, apparently efffecting everyone on our web hosting provider, as they posted a notice on the top of the e-mail help information.)

Thank you everyone for your help, We're not using Cyber Armor, and I have a PC all to myself to get started with any testing, but I'll definitely be watching for it on any other machines.

I'll keep you posted as things progress.
 
You must log in or register to reply here.
Back
Top