Why PGP Corporation?

"We knew PGP security solutions had a proven history of use by some of the world's leading businesses, government agencies, and cryptographers. We didn't really consider anything else."

Chris Cross, Director of Security, Chase Paymentech

Based on industry standards - Choosing products based on current industry standards ensures interoperability with other products based on the same standards, maximizes investments in existing infrastructure technologies and products, and provides the highest level of security.

Integrates with the existing email system or partner email systems - Solutions based on open standards for public key formats and nonproprietary technologies will ensure the widest compatibility among deployments. Products based on plug-in architectures are usually designed for purposes other than security, lack support, and change frequently, making interoperability problematic.

"Installation of PGP Universal Server in the gateway was simple. We installed the software on the server and then easily reconfigured the way the mail was delivered internally to accommodate our anti-spam and content-filtering solution. That was the only change we had to make to our existing infrastructure. It took about 4 hours to get up and running, and we'd originally thought it would take about a week." - Jacob Mays, Assistant Vice President, Stillwater National Bank

Integrated and comprehensive product line - Vendors that offer a unified encryption platform with integrated applications are more likely to have a long-term product roadmap based on a single product architecture that emphasizes interoperability and ease of use.

Flexibility to achieve multiple levels of security - Most enterprises have indicated that granular policy options are a high priority to help meet corporate encryption needs—both for users who need to determine when and how to apply security policy to email, as well as users who may not understand encryption or know how to apply it. At the same time, enterprises also need two-way policy enforcement so that outgoing messages sent securely are returned encrypted and not "in the clear."

"We needed an encryption solution to enforce two-way secure communications with external recipients." - Ken Juneau, AVP & Director Distributed Systems, American National Insurance Company (ANICO)

Simple and automatic key management - Managing the keys required to encrypt data can be cumbersome, limiting deployment of encryption to a few individuals within the company. Most companies need scalable solutions that meet the needs of all employees as well as external business partners and vendors.

"PGP Universal Server offers an integrated keyserver, easy-to-use key management, and PGP Universal Web Messenger functionality, which allows us to communicate securely with recipients that have no key or encryption solution. It offers everything we need and more-right out of the box." - Thomas Diegmüller, Network Technology, EDAG Engineering & Design AG

Digital signatures and encryption for authentication - Authentication is the process of verifying that the sender of an email is who he/she claims to be as well as that the email's contents have not been altered in transit. Although encryption can be used to establish the identity of a sender, based on the sender's unique private key, authentication is not its main objective. Verifying the identity of the sender is usually done by use of a digital signature.

"We created a process whereby a release manager digitally signs the files to confirm that the information could be released from a project environment. It was important that the signature provided a non-refutable audit trail. In this case, PGP Desktop proved a real business enabler for a defense-specific information management problem." - Hugh Fraser, Head of IT Security, BAE Systems

Integrates with anti-virus, anti-spam, and content-filtering solutions - "Email hygiene" includes all the activities required to keep an organization's email system up and running and clean: virus, spam, and content blocking plus securing email through encryption and digital signatures. These technologies must interoperate seamlessly to address potential threats to email system stability, security, and productivity.

"I was looking for a best-of-breed solution and knew PGP Corporation's products were the de facto standard for encryption technology."

- Bill McClelland, IT Director, Montrose Memorial Hospital

Enables users to recover lost keys - Security regulations such as Sarbanes-Oxley increasingly require corporate access to encrypted data even if the key owner is unable or unwilling to provide the private key. Organizations should only consider encryption solutions that offer advanced key features such as Additional Decryption Key (ADK), key reconstruction, and key splitting that ensure policy-defined access to proprietary corporate information.

"We selected PGP Whole Disk Encryption because it lets administrators generate one-time passphrase recovery tokens that permit individual users to access their encrypted drives, if necessary." - Jon Allen, Director, Information Security Officer, Baylor University

Financial viability - Enterprises want to work with vendors that have strong financial positions, ensuring they will become long-term infrastructure partners and have the resources to invest in continued product and business development as well as customer support.

"PGP Corporation is a flexible, reliable partner able to provide solutions for us and our clients that fit every industry. It was also important that PGP Corporation has a solid financial background because some of our outsourcing contracts run for 10 years." - Wayne Scalf, Vice President of End User Computing, ACS

Note: You will need to use the latest version of Adobe® Reader® for your operating system or higher to read the PDFs. If you are experiencing problems reading PDFs using Internet Explorer, please read this Adobe Tech Note.