Monday, November 24, 2008

It shouldn't be THAT easy

I've sold my manager, and director on Encrypted IM... We're running a small test right now, in the IT group (the IT people, we'll fold the rest of the IS people in later (the developers, dbas and etc).

We're using Pidgin, with Pidgin-encryption. Really easy to set up. Install Pidgin. Install Pidgin-encryption. Works with all major IM servers, and Operating Systems.

After installing, set your user accounts (don't have to, but that is the way I like to do it), then go and turn on the plugin for pidgin-encryption under options>plugins.

When you turn it on, by selecting the check box, it creates rsa keys for all accounts in the client. Click on configure plugin button, and go to the second tab. Highlight the account, press regenerate key. Change the key size to 2048. The bigger the key the harder it is to break. I have mine set at 4096 (the largest size supported by the client at this time).

Then when you IM a someone, you'll notice somewhere in the text window (here at work it's on the top of the window) a little lock. Click it, and it turns on the encryption. If the person on the other side has the plugin installed, you'll get their key. You should have 2 locks at that point. with arrows pointing to each other. You're encrypted and good to roll. If you're sending an im to someone without encryption, just turn off the crypto, by hitting that little green lock.

So what does encryption do again? It makes it so no one else can read your messages, unless they are supposed to. Encrypted IM rocks. This is really fast, easy to set up, and simple to use. You don't have to worry about someone, like Google (if using Google talk), storing your IMs and giving them to the cops. Because It's encrypted. However, the cops can make you give up your key, at least in the United States. But, if you're transferring Intellectual Property (YOUR OWN, or YOUR EMPLOYER'S) you don't have to worry about the competitor getting your data.

So what shouldn't be that easy? Getting upper management to buy in on this. I've been trying for 2 years. They both said yes today. The director said to bring it up at the next team meeting, and we'll work it out.

No comments: