SOP Encryption
Tags: SOP_Category Information_Governance_Category
- Guidelines
- HSCIC Good Practice - Encryption
Spreadsheets
For most purposes data will be sent in Excel Spreadsheets, which should be encrypted with a strong password (see below). Excel 2007 onwards uses AES 128 bit encryption, which is acceptable according to the HSCIC guidlines (above). Versions of Excel prior to 2007 should not be used.
Files and Folders
Zip Files with Passwords
The easiest method of encrypting files and folders is to create a zip with a password. However, there are a few problems with this.
Windows XP
Windows XP contains a function to compress a folder with a password. THIS SHOULD NOT BE USED as it is insecure.
7-Zip
7-zip can be used to produce an encrypted file, but it relies on the recipient also having the 7-Zip program installed. Self-extracting files can be created, but this requires emailing an executable to the recipient which can be problematic.
GPG
GPG is the open source implementation of PGP. This is the preferred candidate for more complicated scenarios where public/private encryption is required. This will require setting up at sender and recipient.
There has been no case so far to use this technology.
