PGP Is Evil, GPG Isn’t

Some five or six years ago, I implemented an email data transfer process using PGP to handle file encryption, leveraging self-signed keys that relied on the freely available tools to handle the encryption of the data. All was good (or good enough). The data was secure, everything worked and I was happy.

Fast forward to present day.

I need to update the code so I can deploy on a new environment, so I turn back to the company that was so much help last time, and what do I find? The “free” product has been replaced by a 30-day trial version that cripples some features (actually locking you out of your data, BTW). Licensing is ridiculously hard to understand – suddenly I realized why so many individuals and small businesses don’t bother to encrypt their data. Hell, many organizations don’t even do it as often as they should.

Unfortunately, I can’t alter this process to veer from PGP; I am no longer the owner of it. But I think for all future implementations I’ll use GnuPG. I highly recommend anyone dealing with sensitive files make a strong effort to stay away from the larger vendors until they make a serious effort to make encryption available to individuals freely (and easily).

