Overview
PGP Desktop is a security tool that uses cryptography to protect your data against unauthorized access. PGP Desktop protects your data while being sent by email. PGP Desktop lets you create PGP keypairs and manage both your personal keypairs and the public keys of others (See diagram).

Note: PGP Desktop Professional includes many features; however, SSTA-WT's recommendations and support are limited to encrypting email attachments.

1. Determine need for email encryption
1. Is external/internal entity mandating the use of encryption?
1. Do you have recipient's Public Key?
2. Does recipient have your Public Key?
2. Who will be responsible for sending/receiving encrypted messages?
3. How many licenses will be needed?
1. Licenses are based on number of workstations not number of users.
2. Request software and installation
1. Request and installation of software will follow usual procedures set by SSTA-WT.
3. Individual staff member is responsible for maintaining their private key and passcode

SSTA-WT Responsibility

1. Order software
1. Quote as of 10/2005
1. $161.00 for a minimum of 25 license.
2. Price per license if ordering less than 25 -- $200.76
2. Deploy/Install software
2. Instruct users regarding initial setup of keys.

Email Attachment Encryption Guidelines Using SDA's
This option allows a sending party that is using PGP to communicate a secure file attachment to a receiving party who is not using PGP. This will ONLY secure the attached SDA not the email communication itself. The following paragraphs will give you an overview of how to do this.

1. Using SDA (self decrypting archives) to securely communicate with people who do not have PGP
1. See the chapter on PGP Zip in the PGP Desktop User's Guide.pdf
1. Creating SDA
2. Things to remember when using SDA's
1. The SDA itself
1. Email will block files with the EXE extension
1. Rename the SDA to <name>.txt
2. The pass phrase
1. Max out the strength meter when creating a pass phrase
1. The password is case sensitive
2. Special characters are accepted
3. Numbers are accepted.
4. The longer the pass phrase the more secure it will be as demonstrated by the strength meter.
2. Communicate pass phrase to the entity who is receiving the SDA .
1. DO NOT send it in the same email that contains the SDA attachment.
2. Best practice would be to contact the receiving party by phone to communicate the pass phrase.
3. If you CANNOT communicate by phone, use a separate email to send the pass phrase.
4. When you communicate the pass phrase explain to the receiving party that they will need to rename the SDA to <name>.exe Once they have done this they can double left mouse click on the name.exe file and it will request the pass phrase to grant them access to the SDA.
3. Timing from SDA Creation to final disposition of SDA sent to the receiving party.
1. Best practice would suggest that both sender and receiver be aware and ready to utilize this delivery system.
2. Have the shortest time frame realistically possible between sending the SDA and final disposition of the SDA.
3. Remove the SDA email from your sent items once receiver has verified the item has been accepted.