The Web Encryption Extension
Have you ever missed an "Encrypt this message" button while using an online application?
You don't have to.
The Web Encryption Extension will provide the encrypt button for every web application that takes user input.
The basic idea behind this software is to help people use encryption who are not very tech-savvy. You may know that encryption is important, but you may also be shy of plunging into such complex matters. The Web Encryption Extension reduces this complexity, so that you can use encryption securely. Any online software that has no encryption button can be extended to provide an easy to use mechanism to encrypt your text input. You will not have to install any additional software on your own computer, because the encryption is done with the standard tool GPG on the server for you.
Obviously, web mail is one of the applications where the encrypt button has been missing in the past. Even security aware users were unable to protect their messages because there was no encrypt button. Fortunately, this has become a thing of the past.
The Web Encryption Extension (WEE) has been released under a GPL license to make sure that as many web applications as possible can use it to provide easy accesible encryption to their users.
WEE-MailBased on the Web Encryption Extension we have developed a comprehensive online solution for businesses that need a way to reliably encrypt documents attached to an email that is both easy to use and secure. In an increasingly mobile world businesses are looking for a reliable way to ensure confidentiality when they exchange sensitive information with their clients and customers.
Secure Webmail For Your Business
With WEE-Mail we offer businesses a complete online service to organize confidential communication with their clients based on a flat monthly fee.
Reinforce Your Database With WEE
When customers purchase goods or services, when they make a reservation or booking, when asking for professional advice, they often provide personal and sensitive information that ends up in a database, eventually. And customers have every right to expect that their information remains confidential, even if it's stored in a business database.
Unfortunately, more often than not information in a database is protected only with the database access password, which is often stored on the server, sometimes in clear text. But sensitive information in a database can now be protected much better when WEE is used to selectively encrypt special database fields. Because the information stored in encrypted database fields can only be recovered by persons who enter a password that will not be stored on the server. Some information in the database is practically unreadable unless someone needs to use it and manually decrypts the database field because he has the necessary secret key.
Again, by using WEE the complexity is reduced considerably, so that encrypting selected database fields is possible with the push of a button.
How can you encrypt your customer's financial records in a database?
Here's the solution: Use a database management program like PHPMyAdmin (with the WEE extension), select the field you need to encrypt by its name from a menu, select the public key and press the encrypt button, the protected information is ready to be stored in the database. Yes, it's that easy to protect database fields.
Have a look at this demo database. You can login as user "kerrylinux" with the password "secret". The demonstration key is protected with the passphrase "kerrylinux". You will need this information, when you try to decrypt a protected database field using the WEE extension.
When you select the table "customers" in the demo database, you will see that certain fields are already encrypted. Press the "edit" button and all necessary buttons for encryption, decryption, signature creation and verification will appear below the top menu. In the left hand corner there is a selection menu to pick the name of the database field you wish to modify. Please note, that in the current demo version the confidential information is visible in a text field only, it cannot be used to replace the encrypted text as it is meant for-your-eyes-only. This can be changed in the configuration, if required.
WEE For Open Source Web Mail
Do you want to see how WEE works in open source Webmail?
Here is a demonstration of the popular webmail application ROUNDCUBE that has the encrypt button. Log in and see for yourself how encryption works in a program that doesn't have encryption by default.
You can use the two demonstration keys in the demo with the passphrases "secret" or "kerrylinux" to decrypt messages.
Roundcube is not the only webmail client that can be upgraded with encryption.
Of course, there are many more applications where the encrypt button should be:
- in contact forms
- business applications (CRM, CMS)
- online shop applications
- and anywhere a user enters confidential information into a web application.
The Contact Form
Many websites offer contact forms that send messages to a business. Why not encrypt the message before sending? In doing so, the contact form becomes the safe channel between the customer and the business. Confidentiality is a must for many businesses today, so why don't they offer it to their customers as a standard?
With the Web Encryption Extension this is no problem at all. Any contact form can be turned into a safe channel with the web encryption extension. See a demonstration here .
As you can see it's really easy to enhance any existing form on your website with the encryption feature. But if you are just about starting the contact form on your website we have bundled all you need in a free download to help you make your website look great and work securely.
If you need a hand, don't hesitate to contact us.