OpenGPG for collaborative file sharing?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












We are trying to create a system where our employees can access are shared encrypted file over a VPN and make edits to it. The file's contents are sensitive, so we want to make it as secure as possible with a small budget. However, we definitely need to access the file off site.



We are looking for the most secure ways to encrypt the single file. I like OpenGPG because you can use both RSA and password-based encryption simultaneously. However, I'm not sure it works very well for this use case because employees will be making continuous edits to one file. When you decrypt a file and edit it, it produces a cleartext file that must be re-encrypted, and when you re-encrypt that file it keeps a copy of the cleartext file which must then be deleted. I'm fairly we don't want to be working with/deleting cleartext versions of the file.



We've looked at EFS (which isn't an option due to the restraints of the file location), Axcrypt (which is an option, but comes with OpenCandy), and LibreOffice/Excel encryption (which is looking like the best option right now).



Is there a way to use OpenGPG in this use case, or are we better off with something else?










share|improve this question







New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.



















  • File encryption protects data at rest... so, if people are editing a file, there is a clear text version somewhere, if only in system memory.... If you are looking at numerous people collaboratively working on a sensitive file, the encryption options are going to be limited and cumbersome. Since the VPN already provides for eavesdropping protection, it may be better to implement an ACL approach with the file being encrypted via a master key when not in use. Something like this
    – RubberStamp
    2 days ago














up vote
0
down vote

favorite












We are trying to create a system where our employees can access are shared encrypted file over a VPN and make edits to it. The file's contents are sensitive, so we want to make it as secure as possible with a small budget. However, we definitely need to access the file off site.



We are looking for the most secure ways to encrypt the single file. I like OpenGPG because you can use both RSA and password-based encryption simultaneously. However, I'm not sure it works very well for this use case because employees will be making continuous edits to one file. When you decrypt a file and edit it, it produces a cleartext file that must be re-encrypted, and when you re-encrypt that file it keeps a copy of the cleartext file which must then be deleted. I'm fairly we don't want to be working with/deleting cleartext versions of the file.



We've looked at EFS (which isn't an option due to the restraints of the file location), Axcrypt (which is an option, but comes with OpenCandy), and LibreOffice/Excel encryption (which is looking like the best option right now).



Is there a way to use OpenGPG in this use case, or are we better off with something else?










share|improve this question







New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.



















  • File encryption protects data at rest... so, if people are editing a file, there is a clear text version somewhere, if only in system memory.... If you are looking at numerous people collaboratively working on a sensitive file, the encryption options are going to be limited and cumbersome. Since the VPN already provides for eavesdropping protection, it may be better to implement an ACL approach with the file being encrypted via a master key when not in use. Something like this
    – RubberStamp
    2 days ago












up vote
0
down vote

favorite









up vote
0
down vote

favorite











We are trying to create a system where our employees can access are shared encrypted file over a VPN and make edits to it. The file's contents are sensitive, so we want to make it as secure as possible with a small budget. However, we definitely need to access the file off site.



We are looking for the most secure ways to encrypt the single file. I like OpenGPG because you can use both RSA and password-based encryption simultaneously. However, I'm not sure it works very well for this use case because employees will be making continuous edits to one file. When you decrypt a file and edit it, it produces a cleartext file that must be re-encrypted, and when you re-encrypt that file it keeps a copy of the cleartext file which must then be deleted. I'm fairly we don't want to be working with/deleting cleartext versions of the file.



We've looked at EFS (which isn't an option due to the restraints of the file location), Axcrypt (which is an option, but comes with OpenCandy), and LibreOffice/Excel encryption (which is looking like the best option right now).



Is there a way to use OpenGPG in this use case, or are we better off with something else?










share|improve this question







New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











We are trying to create a system where our employees can access are shared encrypted file over a VPN and make edits to it. The file's contents are sensitive, so we want to make it as secure as possible with a small budget. However, we definitely need to access the file off site.



We are looking for the most secure ways to encrypt the single file. I like OpenGPG because you can use both RSA and password-based encryption simultaneously. However, I'm not sure it works very well for this use case because employees will be making continuous edits to one file. When you decrypt a file and edit it, it produces a cleartext file that must be re-encrypted, and when you re-encrypt that file it keeps a copy of the cleartext file which must then be deleted. I'm fairly we don't want to be working with/deleting cleartext versions of the file.



We've looked at EFS (which isn't an option due to the restraints of the file location), Axcrypt (which is an option, but comes with OpenCandy), and LibreOffice/Excel encryption (which is looking like the best option right now).



Is there a way to use OpenGPG in this use case, or are we better off with something else?







security encryption gpg






share|improve this question







New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question







New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question






New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 2 days ago









Mikael

1




1




New contributor




Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Mikael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











  • File encryption protects data at rest... so, if people are editing a file, there is a clear text version somewhere, if only in system memory.... If you are looking at numerous people collaboratively working on a sensitive file, the encryption options are going to be limited and cumbersome. Since the VPN already provides for eavesdropping protection, it may be better to implement an ACL approach with the file being encrypted via a master key when not in use. Something like this
    – RubberStamp
    2 days ago
















  • File encryption protects data at rest... so, if people are editing a file, there is a clear text version somewhere, if only in system memory.... If you are looking at numerous people collaboratively working on a sensitive file, the encryption options are going to be limited and cumbersome. Since the VPN already provides for eavesdropping protection, it may be better to implement an ACL approach with the file being encrypted via a master key when not in use. Something like this
    – RubberStamp
    2 days ago















File encryption protects data at rest... so, if people are editing a file, there is a clear text version somewhere, if only in system memory.... If you are looking at numerous people collaboratively working on a sensitive file, the encryption options are going to be limited and cumbersome. Since the VPN already provides for eavesdropping protection, it may be better to implement an ACL approach with the file being encrypted via a master key when not in use. Something like this
– RubberStamp
2 days ago




File encryption protects data at rest... so, if people are editing a file, there is a clear text version somewhere, if only in system memory.... If you are looking at numerous people collaboratively working on a sensitive file, the encryption options are going to be limited and cumbersome. Since the VPN already provides for eavesdropping protection, it may be better to implement an ACL approach with the file being encrypted via a master key when not in use. Something like this
– RubberStamp
2 days ago















active

oldest

votes











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Mikael is a new contributor. Be nice, and check out our Code of Conduct.









 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f481992%2fopengpg-for-collaborative-file-sharing%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown






























active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes








Mikael is a new contributor. Be nice, and check out our Code of Conduct.









 

draft saved


draft discarded


















Mikael is a new contributor. Be nice, and check out our Code of Conduct.












Mikael is a new contributor. Be nice, and check out our Code of Conduct.











Mikael is a new contributor. Be nice, and check out our Code of Conduct.













 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f481992%2fopengpg-for-collaborative-file-sharing%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown






Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?