So many recent data breaches could have been avoided if the businesses involved had simply protected their data using encryption. But encryption technology isn’t just for big business. If you encrypt your own important files, they’ll be safe even if you lose your laptop, or accidentally leave your computer logged in while you step out for a coffee. Cypherix SecureIT handles the task of encrypting and decrypting your files and folders, and can even create self-decrypting executable files. It does the job, but doesn’t have a lot of advanced features.
Your $29.95 purchase of SecureIT gets you a perpetual license. That’s the case with most products in this field. The company also publishes Cypherix Cryptainer PE, a rather different take on encryption. Where SecureIT encrypts specific files and folders, Cypherix PE encrypts anything placed inside its encrypted storage.
What Is Encryption?
When Julius Caesar wanted to send a secure message to his generals, it’s reported that he encoded the message by replacing each letter with the letter three positions before it in the alphabet. Breaking that kind of cipher is a simple matter of analyzing letter frequencies, but I’m sure it made Caesar feel safer.
Explaining a modern encryption algorithm to Caesar would be tough. Their output bears no visible relationship to the data that went in, and cracking a modern encryption algorithm would take an impossibly long time. The US Government’s official encryption algorithm is Advanced Encryption Standard (AES). With a 448-bit key as opposed to AES’s 256 bits, Bruce Schneier’s Blowfish algorithm should be even tougher to crack.
Encryption systems that use the same key to encrypt and decrypt data are called symmetric; AES and Blowfish are examples. If you share a file, you must find a secure way to share the key as well. Public Key Infrastructure (PKI) cryptography avoids that problem. In this system, if I want to send you a file, I look up your public key and encrypt the file with it. You use your private key to decrypt the file. Conversely, if I want to prove to you that a document comes from me and hasn’t been modified, I encrypt it with my private key. The fact that you can decrypt it with the public key proves its legitimacy. Yes, those digital signatures you hear about actually use PKI.
Getting Started With SecureIT
Installation of this product is quick and simple, although both the browser and Windows displayed a warning because the installer is not digitally signed. Like every recent encryption product I’ve seen, it offers a 30-day free trial. And like many of them, its user interface has a dated look. It’s not as retro-looking as Advanced Encryption Package, just reminiscent of earlier years.
The main window resembles Windows Explorer, with a folder tree down the left side and a file list adjacent. You even have the choice to view files as Large Icons, Small Icons, List, or Details (the modern Tiles view is absent, as are Medium Icons and Extra Large Icons). A toolbar across the top gives access to important actions, and a menu above the toolbar offers full access to all program features. Like AxCrypt Premium, Advanced Encryption Package, and CryptoForge, it adds items to the right-click context menu for files and folders, so you can encrypt or decrypt without having to launch the program.
For experts and IT workers, SecureIT offers a command-line interface, allowing automated encryption and decryption using batch files. AxCrypt and CryptoForge, among others, also offer a command-line interface. With Cypherix PE, you must upgrade to get the command-line interface.
Encrypting Files and Folders
Select one or more files or folders in the program’s display and click the big Encrypt button, or select your choices in Windows Explorer and use the right-click menu to start encrypting. You can choose to encrypt with AES or Blowfish, and you can choose fast compression, tight compression, or no compression.
For each encryption job you supply a password, up to 56 characters. CryptoForge allows 256 characters, and I couldn’t find any limit to the passphrase length in AxCrypt. Whatever password you use, you must remember it. If you lose it, there’s no way to get back the encrypted data. To help jog your memory, consider adding a password hint.
Sometimes even the name of a file gives away too much. CryptoForge optionally encrypts filenames; AxCrypt can anonymize filenames separately from encryption. SecureIT doesn’t do that for files, but when it encrypts a whole folder it renames it to reflect the current date.
In the last step, you can choose to create a self-extracting encrypted file—handy for sharing with others who may not have SecureIT. Note that Cypherix makes the decryption-only DeCypherIT utility available for free. By default, the option to securely delete the original files is not enabled when you’re creating a self-extracting executable.
Just making encrypted copies of your sensitive files doesn’t do much for security, not if you leave the unencrypted originals lying around. SecureIT can securely delete those originals (or any other files you want to wipe out) by overwriting their data before deletion.
By default, it overwrites file data three times before deletion, though you can crank that down to one overwrite pass (which many consider to be sufficient), or up to 20 (which will take a while). By default, SecureIT also resets the file date, zeroes out the recorded file size, and wipes out the filename from the file system.
AxCrypt offers secure deletion, but sticks to one overwrite. Advanced Encryption Package offers a selection of secure deletion algorithms, some of them government-sponsored. And CryptoForge lets you go totally overboard with 99 overwrite passes. I should point out that after seven overwrites there’s no known way to recover the slightest hint of the original data.
As I mentioned, Cypherix PE works quite differently from SecureIT. Rather than encrypting and decryption particular files and folders, you create one or more encrypted vaults. When open, the vault looks just like any disk drive, and you can move files and folders into and out of it freely. But when the vault is locked, its contents are totally inaccessible. CryptoExpert works in much the same way.
CertainSafe Digital Safety Deposit Box creates secure online storage for your most important files and folders. It goes above and beyond to ensure that only you can access those files. To guard against breaches, it splits each file into encrypted bits and stores them on different servers.
Good, Not Great
Cypherix SecureIT encrypts and decrypts files and folders, and includes a secure deletion tool for added security. Its interface is dated, though, and it does little beyond these basics.
AxCrypt Premium is seriously easy to use, with a very modern user interface, and it’s one of only two products we’ve reviewed that supports public key encryption. CertainSafe Digital Safety Deposit Box uses a very secure multistep authentication process, and stores pieces of your files on disparate servers, so even if one server got hacked the hacker wouldn’t have anything useful. Folder Lock pulls together a wide range of encryption and security tools in an approachable package. These three products earn our Editors’ Choice honors for encryption tools that are accessible to the average user.
Cypherix SecureIT Specs
|Public Key Cryptography||No|
|Rate Password Strength||No|
|Create Encrypted Storage||No|
|Create Self-Decrypting EXE||Yes|
|Secure Deletion of Originals||Yes|