Easy old school encryption ( attach an encrypted file )

We send out encrypted files all the time as we have important regulations we need to adhere to.  Now we need to get some of our modified data back from our onsite contractors and they do not have access to our "automatic in-house resources"

We have many onsite people in many different offices that need to encrypt files, attach them and send them back.  Sending out instructions ahead of time is not going to work as they will be ignored or they will call to ask what the email says.  

Is there some sort of Hippa certified website that we can pay a few dollars a month for?  Is there a web link that will encrypt a file?  

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

andreasSystem AdminCommented:
How about operating a web-service yourself which uses ssl encryption to let the outside contractors upload the files to you.

Im not sure such a process fulfills the hippa requirements but the file is encrypted once left the System of the contractors during upload, on reception of the file your server could encrypt it your usual way and save them on hdd or forward them.

Just an idea. The web service you are asking for had the same problem, that the files are ssl encrypted only on upload, so if they can make it hippa complaint you should be able to to it too.
ive used these guys in the past without issue, but its only ssl, i dont know if that will satisfy your hipaa requirements though.
I know Box.com encrypts files at rest that are uploaded to them.  In transit the files are protected with SSL.  I don't have a link that shows this, but I know we chose them because they fulfill our needs for PCI and HIPAA compliance.
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

EirmanChief Operations ManagerCommented:
Keep all your files within a ZIP (or better RAR) archive.
When your contractors receive the archive, they open it (but DO NOT extract/decrypt any files).
They can open individual files and edit/print them, and close the archive.

This way the files stay encrypted all the time
The contractor only has to email one file back to you.
The contractor doesn't have to encrypt anything.

(I recommend Winrar for this)
NVITEnd-user supportCommented:

When your contractors receive the archive, they open it (but DO NOT extract/decrypt any files). They can open individual files and edit/print them, and close the archive.

Sounds conflicting. Please clarify this step.
EirmanChief Operations ManagerCommented:
Suppose the password protected archive is called ProjectX.rar and it contains .....

When the contractor opens ProjectX.rar they will see the above list  ~~~~ The documents are still encrypted.
They open a document for editing (Password required) ~~~~ The documents are still encrypted.
They edit the document and save it ~~~~ The documents are still encrypted.
They close the archive and Winrar asks if "you want to update the archive" ~~~~ The documents are still encrypted.
The normal answer to the above would YES ~~~~ The documents are still encrypted.
The updated archive is emailed back ~~~~ The documents are still encrypted.

With this workflow, the documents always remain encrypted so the contractor does not have encrypt them.
NVITEnd-user supportCommented:
I see. So the files aren't extracted, separating it from the archive. Thanks, Eirman
EirmanChief Operations ManagerCommented:
It's just as well you asked NewVillageIT
Things should be a lot clearer to the OP now.
andreasSystem AdminCommented:
Will win rar really map the access to the opened file transparently to the inside of the archive?

I think it will extract the opened encyrpted files, save a unencrypted temporary copy, then word/other app operates on that temp copy. And on release of the temp file handle trom the app winrar is updating the encrypted file in the archive and deltes the temporary file.
But this left unencrypted temp copyies on the contractors system that can be restored with data recovery tools.

But its only a guess on how winrar works, ive not looked at it for a few years, maybe now it has better integration in windows and can transparently handle this. But last ime ive seen winrar it was surely the temp file method.
So you should check it out b4 using this approach. You may chack it with tools like filemon, procmon from sysinternals.


I've just checked with sysinternals procmon myself, and yes. The file will be unencrypted by winrar, then saved to the users profiles temp path and then after editing winrar will put it back into the archive. So my above guessing is still valid today.
EirmanChief Operations ManagerCommented:
But this left unencrypted temp copyies on the contractors system that can be restored with data recovery tools.
You are probably right, but that is not an issue for the OP (at least I think so).
They will probably be saved locally from time to time anyway.

The important thing is that the documents are always encrypted when emailed
with the least amount of fuss for the various contractors.

One other useful feature for contractors would be the "Add To Archive" for new documents. Using a global/default password in the archive would mean contractors wouldn't have enter a password to encrypt the new file.

You can password winrar archives in 2 ways ....
1) Global/default password: You use the password once to open the archive and list the files.
   You can then open/edit all file without a password.

2) You don't need a password to open the archive and list the files.
    You need a password to open/edit individual files.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TIMFOX123Author Commented:
So many great answers.

My solution is in this but due to hippa I should not say which one.

Thank you all
andreasSystem AdminCommented:
Hippy is really depending on security through obscurity? If yes its not a good concept, but neverthemind, many of such certifications arent ;)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.