PGP on User Accounts

^{Last Updated: 2024-12-19}

Purpose

This article describes how to set up a PGP public key on a user account in the Portal.

Introduction

PGP (Pretty Good Privacy) encryption for OUTSCAN accounts is essential for ensuring the confidentiality, integrity, and authenticity of sensitive data when communicating via email. Email is inherently insecure. For example, scan reports often contain critical information that could be intercepted or tampered with during transmission. PGP encryption secures this data by encrypting it, making it accessible only to authorized recipients who possess the corresponding key.

Additionally, PGP provides digital signatures, which verify the sender's identity and ensure that the report has not been altered. This is particularly important for system-generated emails, where trust and data accuracy are paramount.
Implementing PGP encryption not only protects against data breaches but also helps your organization comply with data protection regulations and industry standards, enhancing overall security.

Setting Up PGP Private Keys on User Accounts

Prerequisite

Before starting the setup, generate your PGP key pair using a software that supports PGP such as GnuPG, Kleopatra, PuTTYgen or GPGTools, and export your public key.

Set Up

1. To navigate to this section, 

   1. Log in to OUTSCAN / HIAB.

   2. Go to Main Menu > Portal.

   3. Click the Account icon in the upper right corner.

   4. Select the IAM card to access the IAM page.
      

      

      
      

   This displays the Identity Access Management page which is divided in three tabs, Users, Roles, and Resource Groups.

2. Edit a user or sub-user on the IAM page.
   

   

   
   

2. Select the PGP tab, click the blue PEM FILE button to upload your PGP public key file.
   

   

   
   

3. The uploaded file name is displayed below the button.
   

   

   
   If the key is invalid, an error message will be displayed below the file name.
   

   

   
   

4. Click the blue UPDATE button to save the key.

5. When editing users that have already setup a PGP key, a blue tick icon is displayed on the PGP tab.

   
   

   

   
   

6. To verify the changes, create an email event that sends notification emails to a user that has a PGP key.
   

   

   
   

To remove any existing keys, click the delete icon next to the file name and click the UPDATE button, this will allow emails to be sent unencrypted: