Video Screencast Help

Automatic Encrypt on file entering a folder

Created: 04 Jul 2012 • Updated: 16 Jul 2012 | 6 comments
Alex_CST's picture
This issue has been solved. See solution.

Hi,

I have a scenario whereby a file gets put into a specific folder, itll need encrypting, whatever the file is called, then put into another folder for another program to inject it into a database.

This is retrofitting of an existing system so we are adding encryption to an already implemented solution.

What would be the best way of going about this?  How would we get PGPCL to detect or does something else need to start the running of the batch file?  What sort of syntax would we be using here just wildcards? pgp --encrypt c:\folder\*.* etc etc?

Comments 6 CommentsJump to latest comment

Symc_TomC's picture

Command Line would be a fit to your scenario and alternatively, PGP has a component called Netshare which can automatically encrypt files placed in a folder as well.  It's a bit more automated and meant for seamless use as File/Folder encryption for your users.  The only piece of your scenario I see that Netshare would not be able to handle is automatically moving the encrypted file to another folder for the insertion into the DB.

 

Tommy Cooper
Regional Product Manager (RPM)

Information Security Group | Encryption
Symantec Corporation

dfinkelstein's picture

PGP Command Line doesn't currently have functionality to do this itself.  You could write a script that looked into the folder, and called PGP Command Line (if a file were there), and then slept for a minute before checking again.

There are products built around PGP Command Line that have some of this functionality.  See for example the offerings from Cryptosoft, http://www.cryptosoft.com/

Regards,

--------

David Finkelstein

Symantec R&D

Alex_CST's picture

Maybe if I expand on the scenario:

 

Website with front-end for EU's to access documents.  These documents (word files) are currently NOT encrypted, and they now need to be to be compliant.  This website is build on Flex/.NET with an SQL back-end.  

PGPCL needs to be retrofitted into this scenario so that when documents are at rest they are encrypted. 

The leading configuration will be to point the documents VIA .NET to PGP, PGP sends it BACK to .NET, then .NET injects the file into SQL.  For file recalls, the process is reversed, so SQL gives it to .NET, .NET then gives it to PGP, decrypts, then PGP gives it to .NET again for the EU to view.

This something PGPCL can do?  Ignoring the complications of the configuration of .NET, the PGPCL seems to me relatively simple, but what would the commands be that .NET sends.  Would we use pgp as a service on the server in question or a batch file?  

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

dfinkelstein's picture

You should be able to call PGP Command Line at the right points in your workflow to do what you want.  It sounds like you would just call it directly, or call a batch file (that you can tweak and tune as you need, and to make it easier to test).

Note that PGP Command Line can take input from a file, or from stdin, and it can also write to stdout, so you can read the file data from some other source (say your database) and pass it to and from PGP Command Line without having to go through an intermedate file for processing.

--------

David Finkelstein

Symantec R&D

Alex_CST's picture

would it just be normal pgp -e file.doc authorized user -passphrase blahblah in a batch file?  Anything special that needs to be taken into consideration?

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

dfinkelstein's picture

Based on your use case, it certainly seems that this is all you need to do.

 

--------

David Finkelstein

Symantec R&D

SOLUTION