White Papers

"How Whole Disk Encryption Works"

If you're using a computer or a removable USB drive, chances are that you have sensitive data on it. Whether it's your home computer with family finances, your work computer with sensitive corporate information, or a thumb drive with government secrets, you want to make sure the data doesn't get compromised if the device is lost or is stolen. Whole disk (also known as full disk) encryption protects this data, rendering it unreadable to unauthorized users.

Download the "How Whole Disk Encryption Works" white paper [PDF: 542KB] (Registration required)

"Achieving Universal Encryption Tone"

Jon Callas, CTO & CSO of PGP Corporation, discusses how new automated encryption technologies may soon turn data security into a ubiquitous, always-on, utility-like dial tone. With high-quality security in the background, users would reap the benefit of encryption and digital signatures without even knowing it's there. PGP Corporation is at the forefront of these technologies.

Download the "Achieving Universal Encryption Tone" white paper [PDF: 696KB] (Registration required)

"Attaining Payment Card Industry (PCI) Compliance Using the PGP Encryption Platform"

This PGP White Paper explains the Payment Card Industry Data Security Standard (PCI DSS) and how the PGP® Encryption Platform can help organizations comply with PCI DSS requirements to protect card holder data by using encryption.

Download the "Attaining Payment Card Industry (PCI) Compliance Using the PGP Encryption Platform" white paper [PDF: 1.64MB] (Registration required)

"Creating Automagical Encryption with New PGP® Products"

This PGP® white paper is a stand-alone version of the article written by Jon Callas, PGP Corporation's CTO & CSO, which discusses the company's strategic vision and provides an overview of the new PGP Universal™ 2.0 and PGP® Desktop 9.0 products as well as the new PGP® Global Directory service hosted by PGP Corporation.

Download the "Creating Automagical Encryption with New PGP Products" white paper [PDF: 53KB]

"Data Protection is What Matters"
This CIO Magazine white paper explains that traditional security measures are not defending businesses from costly breaches. Only enterprise data protection focuses on what matters most: the data.

Download the "Data Protection is What Matters" white paper [PDF: 163KB]

"The Dawn of Pervasive Encryption"
Jon Callas, CTO & CSO of PGP Corporation, explains PGP Corporation's new approach to encrypting data: transforming encryption from a manual function performed by an individual to a network service for all users. He provides insight into how this transparent and automatic solution, PGP Universal™, will change the way organizations provide secure communications both inside and outside the enterprise.

Download the "The Dawn of Pervasive Encryption" white paper [PDF: 699KB]

"Encrypting Business Transactions with PGP Command Line"
Learn the risks and opportunities of business-to-business communications and how these critical transactions can be protected with PGP® Command Line. This PGP® white paper focuses on:

• The evolution of business-to-business communications on the Internet
• Key risks of unsecured business-to-business transactions
• Introduction to PGP Command Line
• Use cases of automated, authenticated, and encrypted transactions with PGP Command Line
• Future trends in secured business communications

Download the "Encrypting Business Transactions with PGP Command Line" white paper [PDF: 259KB] (Registration required)

"Enterprise Email Encryption Buyer's Guide 2008"
Encryption of email is a critical strategy for enterprises seeking to protect important information and mitigate business risk. The Enterprise Email Encryption Buyer’s Guide 2008 from Osterman Research provides a comprehensive overview of the factors an organization must consider when evaluating and purchasing encryption solutions for enterprise email systems.

Download the "Enterprise Email Encryption Buyer's Guide 2008" white paper [PDF: 1.18MB] (Registration required)

"Inside PGP® Key Reconstruction"
One of the most common problems with a large-scale PGP® deployment is that users sometimes forget their passphrases or even lose their private keys. This leads to help desk calls that can be costly for an organization. Over the years, PGP Corporation has taken several major steps to deal with this problem. Various pieces of the PGP® solution when factored together present a solid front against this problem, including use of split-key ADKs for data recovery, automatic binding of designated revokers to keys upon generation, and now key reconstruction.

Download the "Inside PGP Key Reconstruction" white paper [PDF: 457KB]

"The Insider Threat: Understanding the Risks & Defending the Enterprise"
In today's world of disappearing network perimeters and high-stakes cyber-crime, no threat looms larger than that of the Insider. This PGP® white paper is based on a webcast in the PGP Education Series and features Doug McLean, Vice President Products, and Jim Reavis, President of Reavis Consulting Group. In this webcast, users will learn:

• The top internally focused security threats
• The key components of a defense-in-depth protection against the Insider Threat
• The benefits of comprehensive encryption architecture in providing durable protection

Download "The Insider Threat: Understanding the Risks & Defending the Enterprise" white paper [PDF: 871KB]

"Introduction to Cryptography"
This guide is useful to anyone interested in knowing the basics of cryptography. Recently revised by Jon Callas, PGP Corporation's CTO & CSO, the guide looks at why cryptography is important and includes a brief history of cryptography as well as what the future might hold.

Download the "Introduction to Cryptography" white paper [PDF: 927KB] (Registration required)

"The OpenPGP Standard and PGP Products"
This PGP® white paper looks at the differences between current PGP® products and the OpenPGP standard—a set of Internet Engineering Task Force (IETF) documents that define an interoperable way for systems to encrypt messages and create certificates. OpenPGP is a syntax that expresses security concepts, and it is in how these are used that the PGP® implementation provides its advantages.

Download "The OpenPGP Standard and PGP Products" white paper [PDF: 150KB]

"PGP Command Line Technology Overview"
Applications transferring, managing, and archiving critical information are the foundation of corporate information systems. Security breaches and the resulting consequences have made organizations aware of the many ways sensitive corporate information and customer data can be compromised. For IT managers, architects, and developers, finding an encryption solution that helps address risk mitigation without requiring significant integration may appear challenging. This PGP® white paper uses a variety of common business applications as examples for integrating PGP® Command Line encryption.

Download the "PGP Command Line Technology Overview" white paper [PDF: 1MB]

"The PGP Encryption Platform"
As businesses seek new operational models, diversify globally, and develop closer relationships up and down the value chain to achieve greater profitability, IT organizations are being asked to help drive innovation while securing systems and communications to protect brand equity and meet compliance obligations. To meet these business goals, enterprises are increasing the use of encryption. The PGP® Encryption Platform offers a new approach that allows businesses to deploy and manage multiple encryption applications cost-effectively, saving capital and human resources to focus on additional projects. This PGP® white paper is intended for business managers and compliance officers participating in IT portfolio management as well as IT management responsible for implementing information security projects.

Download "The PGP Encryption Platform" white paper [PDF: 633KB] (Registration required)

"The PGP Global Directory"
Just as the public PGP® Keyserver was operated as a free service, the PGP® Global Directory will continue to be offered as a free service to the PGP® global community. The PGP Global Directory will offer many new features and benefits. It also addresses some longstanding issues with the legacy public PGP Keyserver as well as with the design of keyservers in general. This PGP® white paper details the features and benefits of the PGP Global Directory as well as how to participate.

Download "The PGP Global Directory" white paper [PDF: 247KB]

"PGP Universal 2.0 – An Integrated Approach to Enterprise Security"
This PGP® white paper is intended for business and IT executives seeking to understand how PGP Universal™ can allow them to meet their organization"s current and anticipated information security needs. Readers will learn how PGP Universal 2.0 delivers a complete, proven solution for enterprises wishing to secure confidential information and comply with industry and government regulatory mandates.

Download the "PGP Universal 2.0 – An Integrated Approach to Enterprise Security" white paper [PDF: 314KB] (Registration required)

"PGP Universal 2.0 – Technical Overview"
This PGP® white paper provides a technical overview of PGP Universal™ 2.0, PGP Corporation's solution for securing confidential email communications and managing desktop storage security. This paper details the features of PGP Universal 2.0 and how they provide an enterprise message and storage encryption solution that preserves the user experience, automates the application of security policy, and minimizes administrative overhead.

Download the "PGP Universal 2.0 – Technical Overview" white paper [PDF: 644KB] (Registration required)

"Request for Success: How to Write an Effective RFP for Secure Messaging"
Encryption of email is a critical strategy to mitigate security risks, protect sensitive data, and ensure regulatory compliance. Key to the success of obtaining an optimal solution is a well-written and well-executed Request for Proposal (RFP). This PGP® white paper outlines the key steps for writing an effective RFP and explains the success factors for managing the RFP process to ensure organizations get the secure-messaging solution they need.

Download the "Request for Success" white paper [PDF: 133KB] (Registration required)

"Revocation Made Simpler"
The important functionality of revocation has brought headaches to many security architects. This PGP® white paper discusses the drawbacks of the existing methods of certificate revocation lists (CRLs) and the Online Certificate Status Protocol (OCSP) and suggests an alternative and persuasively simple way for revoking keys: short-lived certificates (SLCs).

Download the "Revocation Made Simpler" white paper [PDF: 119KB]

"The Role of Encryption in Data Protection"
This PGP® white paper is based on a presentation given in 2006 by Dave Cullinane, CISO for eBay Marketplaces. The paper identifies the multiple locations where information is most vulnerable and also addresses the impact of data breaches on the industry and consumers as well as the measures organizations can take to prevent such attacks. In addition, it presents an overview of encryption’s role in protecting data as well as the range of individual to enterprise encryption solutions currently available plus new emerging technologies. Finally, it outlines four key criteria to help organizations select a suitable encryption vendor.

Download "The Role of Encryption in Data Protection" webcast summary (white paper) [PDF: 132KB]

"The Roles of PGP Endpoint in Data Protection"
This PGP® white paper describes the risks associated with portable data devices and the challenges enterprise IT organizations face to protect data stored on them. In addition, it explains how PGP Endpoint prevents portable devices and media from incurring data loss or malware, demonstrates compliance, and simplifies users’ responsibilities in security policy enforcement.

Download "The Roles of PGP Endpoint in Data Protection" white paper [PDF: 173KB] (Registration required)

"Staying Out of the Headlines: Strategies for Protecting Critical Data Transfers & Backups"
When things are going well, the success of the security professional is difficult to measure. Security successes are often unknown because there is little positive news coverage for protecting data from unauthorized or unintended disclosure. Unfortunately, security failures have more news value and tend to be widely publicized. This PGP® white paper reviews some of the better-known security incidents that occurred in 2005, explains why these things happen, and discusses some of the underlying issues.

Download the "Staying Out of the Headlines: Strategies for Protecting Critical Data Transfers & Backups" white paper [PDF: 1MB]

"Top 10 Reasons: Why PGP Corporation?"
This PGP® white paper describes what questions to ask when selecting an encryption vendor, including the top 10 qualifications to look for as well as potential problems if a vendor does not meet these requirements. The paper also outlines what differentiates PGP Corporation from other security, secure-messaging, and encryption vendors.

Download the "Top 10 Reasons: Why PGP Corporation?" white paper [PDF: 72KB]

"Transport Layer Security (TLS) & Encryption: Complementary Security Tools"
This PGP® white paper explores the myth that enterprises using TLS to secure their email traffic do not need to encrypt email message content. The paper also describes the differences between TLS and content encryption and summarizes why both are required in a comprehensive email security solution.

Download the "Transport Layer Security (TLS) & Encryption: Complementary Security Tools" white paper [PDF: 67KB]