If the FBI mistook you for a crook and seized your computer, what would they find? You’re probably not a crook, but you might have some files you wouldn’t want the G-men to see. If you keep any secrets in your files, be sure to protect them using encryption. Cypherix Secure IT handles encrypting and decrypting your files and folders, and it can even create self-decrypting files that incorporate both your encrypted data and the code to bring back the plain text. Secure IT does the job, but it’s a bit dated and lacks advanced features. You may instead want to consider AxCrypt Premium, which is even easier to use and has some high-tech capabilities not found in Secure IT. Folder Lock is also worth a look, given its wide variety of encryption choices and related tools. These two are our Editors’ Choice winners for encryption.
How Much Does Secure IT Cost?
Your $29.95 purchase of Secure IT gets you a perpetual license. That's the case with most products in this field. The company also publishes Cypherix Cryptainer Personal, a rather different take on encryption that costs a bit more, a one-time payment of $45. Where Secure IT encrypts specific files and folders, Cryptainer Personal encrypts anything inside its encrypted storage containers.
You'd have to pay $35.88 per year for NordLocker, an exception to the common one-time pricing. The company must maintain servers for your 500GB of secure online storage, so an annual fee makes sense. Note that if you’re satisfied with 3GB of storage, you can use NordLocker for free, creating an unlimited number of local lockers.
AxCrypt Premium, too, includes server-side features. It requires a yearly fee of $45. While a free edition of AxCrypt exists, it’s too limited to be useful. Both AxCrypt and NordLocker offer secure sharing and other advanced features not found in Secure IT.
What Is Encryption?
When Julius Caesar wanted to communicate securely with his generals, it's reported that he encoded the message by replacing each letter with the letter three positions before it in the alphabet. “Gaius Julius Caesar” would become “Dxfrp Grifrp Zxbpxo,” for example. Breaking that kind of cipher is a simple matter of analyzing letter frequencies, but I'm sure it made Caesar feel safer.
Explaining a modern encryption algorithm to Caesar would be tough. Their output bears no visible relationship to the data that went in, and cracking a modern encryption algorithm would take an impossibly long time. The US Government's official encryption algorithm is Advanced Encryption Standard (AES). With a 448-bit key as opposed to AES's 256 bits, Bruce Schneier's Blowfish algorithm would be even tougher to crack.
It's Surprisingly Easy to Be More Secure OnlineEncryption systems that use the same key to encrypt and decrypt data are said to be symmetric; AES and Blowfish are examples. If you share a file, you must find a secure way to share the key as well. Public Key Infrastructure (PKI) cryptography avoids that problem. In this system, if I want to send you a file, I look up your public key and encrypt the file with it. You use your private key to decrypt the file. Conversely, if I want to sign a document to prove that it comes from me and hasn't been modified, I encrypt it with my private key. The fact that you can decrypt it with the public key proves its legitimacy.
Getting Started With Secure IT
Installation of this product is quick and simple. Like most encryption products, it offers a 30-day free trial. Like many of them, its user interface also has a dated look. It's not as retro-looking as Advanced Encryption Package, but it's still reminiscent of UIs from earlier years. One nod to modern UI styling is the new Dark Mode, enabled on the General tab of the Options dialog.
Also enabled on the General tab is a checkbox titled Use of Virtual Keyboard. When this option is active, instead of a password field, you get a button that invokes an on-screen keyboard. Another check box, for Use of Privileged Mode, puts password entry into an isolated process. The point of both these options (which you can use together) is to foil any hardware or software keylogger that may be present.
The main window resembles an old version of Windows Explorer, with a folder tree down the left side and a file list adjacent. You even have the choice to view files as Large Icons, Small Icons, List, or Details. The modern Tiles view is absent, as are Medium Icons and Extra Large Icons. A toolbar across the top gives access to important actions, and a menu above the toolbar offers full access to all program features. Like AxCrypt Premium, Advanced Encryption Package, and CryptoForge, Secure IT adds items to the right-click context menu for files and folders, so you can encrypt or decrypt without having to launch the program.
Encrypting Files and Folders With Secure IT
Select one or more files or folders in the program's display and click the big Encrypt button, or select your choices in Windows Explorer and use the right-click menu to start encrypting. You can choose to encrypt with AES or Blowfish, and you can choose fast compression, tight compression, or no compression.
For each encryption job, you supply a password of up to 56 characters. CryptoForge allows 256 characters, and I couldn't find any limit to the passphrase length in AxCrypt. Whatever password you use, you must remember it. If you lose it, there's no way to get back the encrypted data. To help jog your memory, consider adding a password hint.
Like Cryptainer, Secure IT rates the strength of your password as you type, and this feature has improved since my last review. It no longer calls "password" a strong password, which is a relief. Click the button for the Password Quality Meter for more details. Here you can get an accurate check of password strength, along with reasons a password was downgraded and suggestions for improvement.
Sometimes even the name of a file gives away too much. CryptoForge optionally encrypts file names; AxCrypt can anonymize file names separately from encryption. Secure IT doesn't do that for files, but when it encrypts a whole folder, it renames it to the current date. In the last phase of encryption, you can choose to create a self-extracting encrypted file—handy for sharing with others who may not have Secure IT.
Another option for sharing encrypted files with those who don’t own Secure IT is the DeCypherIT utility. Cypherix makes this tool available for free on its website. You pass along an encrypted file using email, USB drive, or some other means and transmit the password under a separate cover. The recipient simply downloads DeCypherIT to free the shared files from their encrypted state.
For experts and IT workers, Secure IT offers a command-line interface, allowing automated encryption and decryption using batch files. AxCrypt and CryptoForge, among others, also offer a command-line interface. With Cypherix Personal, you must upgrade to get the command-line interface. Most users will be happier with the graphical interface.
Secure Deletion in Secure IT
If you leave the unencrypted originals lying around after making encrypted copies of your sensitive files, you’ve failed at security. It’s about as smart as copying a secret dossier, putting the copy in a lockbox, and leaving the original on the copier. Secure IT can securely delete those originals (or any other files you want to wipe out) by overwriting their data before deletion.
By default, it overwrites file data three times before deletion, though you can crank that down to one overwrite pass or up to 20. One pass is generally considered sufficient to foil file-recovery software. Government-level algorithms typically use three passes. And even the best forensic recovery hardware can’t extract data that’s been overwritten seven times. The default of three should be fine. By default, Secure IT also resets the file date, zeroes out the recorded file size, and wipes out the file name from the file system.
AxCrypt offers secure deletion but sticks to one overwrite. Advanced Encryption Package offers a selection of secure deletion algorithms, some of them based on government recommendations. And CryptoForge lets you go totally overboard with 99 overwrite passes. Once again, after seven overwrites there's no known way to recover the slightest hint of the original data. If you choose a higher number, you’re just wasting time and CPU cycles.
Other Encryption Approaches in Secure IT
As I mentioned, Cryptainer Personal works quite differently from Secure IT. Rather than encrypting and decrypting particular files and folders, you create one or more encrypted vaults. When open, the vault looks just like any disk drive, and you can move files and folders into and out of it freely. But when the vault is locked, its contents are totally inaccessible. CryptoExpert works in much the same way.
NordLocker, too, protects all files deposited in its encrypted storage volumes, which it calls lockers. You don't have to transmit a password to share a locker with another NordLocker user. You simply add that user to the access list; simple! With Folder Lock, you can create encrypted containers, apply encryption to files and folders, make use of encrypted cloud storage, and more.
Good, Not Great
Cypherix Secure IT encrypts and decrypts files and folders. It includes a secure deletion tool for added security. It does little beyond those basics, though, and its interface is dated enough to be distracting. If what it offers is all you need, it’s a fine choice, and the price is good. By comparison, AxCrypt Premium is seriously easy to use, with a very modern user interface, and it's one of only a few products we've reviewed that supports public key encryption. Folder Lock pulls together a wide range of encryption and security tools in an approachable package. These two products earn our Editors' Choice honors for encryption tools meant for the average user.