WinZip Enterprise Blog

Protecting the world's most sensitive data for over 30 years.

Blog Home > WinZip Blog

WinZip Blog

Five steps to compress a video for email

From instructional webinars to animations, screen recordings and more, video content is an effective way to communicate information related to a company’s products or services.

Sharing and storing that video, however, can be a bit trickier. For example, if you try to share a video via email, you may encounter an error message stating that the attachment exceeds the file size limitations.

While maximum attachment file sizes vary by service provider, in general, you cannot send an uncompressed video file in an email. Gmail and Yahoo allow users to send up to 25 MB in attachments, while Microsoft (e.g., Outlook and Hotmail) limits attachments to 34 MB.

A 1080p video requires 103 MB of storage for every minute of footage. This means that a video as short as one minute long is already too large to send over email. In addition to attachment size limits, large email attachments also consume the recipient’s storage space and bandwidth to download the file.

Fortunately, there are ways to compress a video to reduce its file size, lessen its storage requirements, and increase its transfer rate. Let’s take a closer look.

How does video compression work?

Video compression reduces the data used to encode video content. Uncompressed video files take up a lot of storage space and require a larger bandwidth to transfer the data. Insufficient bandwidth will slow down the transfer process, and viewers may experience playback issues when trying to view larger video files.

The larger the video file, the longer it will take to upload or share the file to online platforms. Factors that affect video file sizes include:

  • Resolution: The dimensions of the videos (both length and width) in pixels. Videos with higher resolution use more pixels to capture the image but also create larger file sizes.
  • Bitrate: The measurement of how much information is transmitted at any given time. Higher bitrates result in high-quality videos that have large file sizes. Lower bitrates mean smaller files but the video itself will have reduced quality.

Compressing a video file’s information into a smaller space reduces the file size and lowers bandwidth transmission requirements. To understand how this works, think of a video file as a collection of static images. In an uncompressed video, data is stored for every pixel in every frame.

Compression reviews the images, identifies repetitive or duplicate frames, and deletes the data for a non-essential frame, and replaces it with a reference for the other identical frame. This process groups similar pixels together, greatly reducing the file size.

There are two ways to compress videos—lossy and lossless.

Lossy compression

Lossy compression creates a smaller file size but at the cost of reduced video quality, which may or may not be noticeable to viewers. JPEG images, MP3 audio, and MPEG video formats are all examples of lossy compression techniques.

The term lossy refers to the fact that information is lost when extra or redundant data is removed from the file. With lossy compression, anything removed from the video in the compression process is lost forever.

File reduction through lossy compression may result in quality issues such as pixelation, blurring, or blockiness. The higher the ratio of lossy compression, the lower the resulting video quality will be.

Lossless compression

Lossless compression reduces file size without permanently deleting data. Instead, the compression process identifies redundancies in the video data and replaces duplicates with references to earlier instances of the same data pattern.

The lossless compression technique tends to create larger file sizes than lossy compression but the videos themselves have no reduction in quality.

When the end user decompresses the file, all the original information is present. With lossy compression, however, the original file cannot be retrieved after it has been compressed.

The importance of file compression

From videos to images, documents, and more, file compression can help enhance a company’s operations, workflows, and data security. Organizations that share large amounts of sensitive data must ensure that it is kept safe from unauthorized access, viruses, and other cybersecurity risks.

File compression offers several important benefits, including:

  • Data security. File compression can also encrypt data, securing it from unauthorized access. Encryption renders data unreadable to anyone without the proper encryption key or passcode.
  • Size reduction. Compressed files take up less storage space on hard drives or servers. The reduction in size depends on the file type—MP3s and JPEG images can be compressed by approximately 20%, while other types of files may be compressed by 50 to 90% depending on the data they contain.
  • Transmission time. The size of the file influences how long it takes to transmit. A compressed file transmits in 10% of the time that an uncompressed file would, so users spend less time waiting to receive and download information.

Five steps to compress a video using WinZip Enterprise

The best way to compress a video file is by zipping it with a solution such as WinZip® Enterprise. This process ensures that the file size is reduced without impacting its quality. You can zip a file in a few easy steps, and it will be just as easy for the recipient to unzip it.

Here’s how to compress a video for email using WinZip Enterprise:

  1. Save the video (or videos) you want to compress in an easily recognizable folder
  1. Right-click on the video and select “Send to > Compressed (zip) folder.”
  1. A zipped folder will appear in the same folder as your videos but contains a smaller file size than the original video.
  1. Right-click on the zipped folder to open it in WinZip Enterprise and access advanced file management tools.
  1. Compose your email message and click “Attach File.” Select the zipped file, attach it to the email, and send it.

Simplify and secure file compression with WinZip Enterprise

WinZip Enterprise compresses files without impacting data integrity or product quality. Reducing the file size through compression helps overcome email attachment size limits while also reducing the transmission time, benefiting both the sender and recipient.

WinZip Enterprise also enhances end-to-end data protection with bank and military-grade encryption. This solution uses file-based encryption (FBE), which encrypts each file with a unique key. This key controls who can access the data, protecting sensitive information from unauthorized users.

Learn more about the file compression benefits of WinZip Enterprise for your organization.

Healthcare cybersecurity threats and how to make your organization more secure 

From malware infections to ransomware attacks and everything in between, cybersecurity issues are a key concern in the healthcare industry. Cybercriminals or bad actors target healthcare organizations because of the large volume of sensitive data contained within a single healthcare record. According to the Department of Health and Human Services (HHS), protected health information (PHI) provides cybercriminals with more information than any other type of breached record.

Much of the data found in medical records is unalterable, which delivers ongoing value for bad actors. For example, it’s easy to cancel a compromised credit card number, but an individual’s health history is much more complex. Once the information is in the hands of bad actors, they can use it to commit medical identity theft not once, but many times over in the future.

Cybersecurity threats that compromise healthcare information can have severe consequences for the impacted organization and patients alike. In this article, we will look at recent examples of healthcare cybersecurity threats and detail the best practices to make your organization more secure.

Cybersecurity attacks against healthcare organizations

While all industries are at risk for cybersecurity incidents, the nature of the healthcare sector poses unique challenges. There is very little tolerance for downtime because system disruptions can directly impact patient care. Following a cyberattack, healthcare companies report adverse events such as increased patient mortality rates, procedural delays, and longer hospital stays.

Care delivery and patient safety are also why the healthcare sector is more likely to pay the ransom demand than any other industry. In 2021, 61% of healthcare companies paid the ransom rather than risk operational downtime that could adversely impact patient lives.

Once a company pays the ransom, there’s no guarantee they’ll get their data back. Even if they do, the data is often corrupted, creating new attack vectors for cybercriminals. In many cases, companies that pay the ransom demand are more likely to be targeted in subsequent attacks.

Healthcare companies are also vulnerable to cybersecurity threats due to outdated legacy systems. Medical equipment and devices often rely on proprietary software that focuses more on patient outcomes than cybersecurity concerns. Older equipment no longer receives vendor support, such as security patches and updates, which leaves the door open for potential threats.

For example, digital imaging equipment such as MRIs and x-ray machines tend to be in use for at least a decade, creating ample time in which modern security technologies can outpace the organization’s networks and software systems.

The healthcare sector experiences more cybersecurity incidents than any other industry. The following are just a few examples of recent attacks on healthcare entities:

  • In June 2022, a ransomware attack affected almost 60,000 patients of Vermont-based Lamoille Health Partners. The impacted individuals are suing the health center for allegations that it failed to properly protect patient data and then failed to notify patients of the ransomware attack.

  • A Texas hospital took all its systems offline in September 2022 after it was targeted in a ransomware attack. Despite efforts to contain the attack, sensitive data including personally protected information (PII) and PHI was compromised. Following the ransomware attack, it took several weeks to restore clinical systems.

  • Insurance provider, Florida Healthy Kids Corporation (FHKC), suffered a data breach in 2021 that compromised approximately $3.5 million records. Following the breach, FHKC discovered multiple website vulnerabilities that had gone unpatched by its hosting vendor over a 7-year period. Hackers exploited these flaws to access parts of the website and alter the data of thousands of enrollees and applications.

  • The health department for New Haven, a city in Connecticut, experienced a 2017 data breach that compromised the PHI of 498 individuals. The subsequent investigation found that the breach was triggered by a former employee of the New Haven Health Department. After her termination, the former employee copied sensitive data to a USB drive and continued to access the department’s networks using her login credentials. The city had to pay more than $200,000 in financial penalties for violating HIPAA rules.

Best practices for securing healthcare data

The healthcare industry is facing an uphill battle when it comes to mitigating cybersecurity threats. On average, only 4–7% of a healthcare organization’s IT budget is dedicated to cybersecurity measures. This makes it especially challenging to secure data and meet compliance objectives, but the high risk and cost of not doing so makes cybersecurity paramount in the healthcare sector.

The following best practices can help safeguard sensitive information and keep the data handled by healthcare companies secure:

Restrict access to information and applications

In 2021, nearly 20% of data breaches were caused by stolen or compromised account credentials. Access controls can help healthcare companies prevent unauthorized access to sensitive data, such as when a former health department employee compromised hundreds of PHI files.

To ensure only authorized individuals can access applications and data, access controls commonly leverage user verification practices such as multi-factor authentication (MFA). MFA uses two or more credentials to verify a user’s identity. This adds multiple layers of defense to networks, devices, and databases and makes it more difficult for unauthorized individuals to infiltrate organizational resources.

Classify and encrypt sensitive files

The Entrust 2022 Global Encryption Trends Study found that approximately 62% of companies have a consistent encryption strategy in place. According to study respondents, challenges in finding and classifying organizational data lead to gaps in data security. Data classification categorizes information based on its type, its sensitivity, and the potential consequences of its compromise. For example, PHI falls under the most sensitive data classification level and requires greater risk controls to safeguard against internal and external threats.

File-level encryption ensures that only authorized users can access and interact with the data. In the event of a data breach, encryption makes the difference in whether the affected organization is subject to HIPAA’s Breach Notification Rule. Failing to implement appropriate security measures, including encryption, can lead to costly penalties for HIPAA violations.

Leverage enterprise-level solutions

Consumer-grade software solutions are not sufficient when it comes to healthcare cybersecurity. They do not offer the same access and security controls needed to manage sensitive data and satisfy compliance requirements. In the face of ongoing cybersecurity threats, WinZip® Enterprise gives healthcare organizations a complete set of tools to secure and manage files.

A fully customizable solution, WinZip Enterprise makes it easy for admins to establish and enforce best practices such as access controls, multifactor authentication, and file encryption. It also natively integrates with several HIPAA-compliant cloud storage services, such as AWS, OneDrive, and G Suite.

Find out how WinZip Enterprise keeps healthcare organizations secure from cybersecurity threats.

Log4j vulnerability not in WinZip product

A special notice for WinZip customers.

WinZip prioritizes the security of our products. Last week, when security researchers discovered a significant vulnerability (CVE-2021-44228) in the widely used Apache logging utility log4j 2.0-beta9 to 2.14.1, our security team conducted an immediate investigation to determine if the vulnerability impacted our products.

WinZip does not use any version of the log4j libraries. As a result, we have no reason to believe that this recent vulnerability exists within WinZip products.

We understand that this security vulnerability is a major source of worry for our customers. If you have questions, please contact WinZip support here.

WinZip is continuously monitoring the situation and will communicate any updates appropriately.

How to easily enable enterprise file sharing

File sharing is an integral component of business operations, enabling collaboration among team members and allowing users to access the information they need to do their jobs. But without proper protection methods in place, insecure file transfers can jeopardize an organization’s data integrity.

For large companies that handle sensitive data (e.g., personal, financial, and health information), failing to protect data can have severe consequences, including violations, fines, and loss of business integrity.

Potential breaches can be costly, both financially and in the damage done to the organization’s reputation. The highest average data breach costs are attributed to businesses with 10,000–25,000 employees, adding up to over $5.5 million in 2021.

In this article, we’ll explain the importance of enterprise-grade file sharing services and how solutions like WinZip® Enterprise provide comprehensive data protection no matter where and how your files are shared.

What is enterprise file sharing?

Any computer-savvy user can easily attach a document to an email or upload documents to a public folder to share. While these processes are familiar and effective for getting your file to the right recipient, they aren’t secure enough for important business activities.

Consumer-grade file sharing plathttps://blog.winzip.com/enterprise-cloud-file-sharing-and-storage/forms (e.g., personal Dropbox or Google Drive accounts) do not offer the same level of protection as enterprise file sharing solutions.

Most public, server-based transfer services employ File Transfer Protocol (FTP). This file sharing method is easy to use, but its simplicity comes at the cost of a lack of security controls and visibility into file transfer processes.

For example, FTP does not use encryption, instead relying on clear-text usernames and passwords to authenticate transfers.

Enterprise file sharing tools, on the other hand, offer control, security, and customization features that you typically don’t find in consumer-grade alternatives.

Enterprise file sharing tools typically include the following features:

  • Advanced encryption capabilities, protecting data in transit and at rest with military-grade Federal Information Processing Standards (FIPS) 140-2 and Advanced Encryption Standards (AES).

  • Adherence to compliance requirements, including the Health Insurance Portability and Accountability Act (HIPAA), Defense Federal Acquisition Regulation Supplement (DFARS), and General Data Protection Regulation (GDPR).

  • Integration with and customizable control access to leading storage providers, message platforms and other services.

  • Enhanced file transfer and processing controls, such as the ability to split files for faster, more efficient sharing.

Another feature of business file sharing is tracking. Every time a file is moved, edited, or deleted, that action is recorded by the system. Using this record, businesses can review activity to pinpoint exactly who opened a document, and from where.

If there is an insider attack, the time and access point are easy to determine, potentially saving the company money and minimizing damage.

How can you securely manage sensitive data with enterprise file sharing?

Cyberattacks have become commonplace: On average, there are over 1,200 data breaches per year. To safely manage and move massive amounts of data, many businesses are turning to enterprise file sharing. Sensitive data falls under two broad categories: regulated data and unregulated data.

Regulated data is the most straightforward type of sensitive data. It includes information that must always stay confidential, such as Social Security numbers, credit card information, and protected health data.

Unregulated data, however, may be lurking in documents or files that do not appear sensitive at face value.

For example, documents such as customer surveys can contain sensitive information that must be protected. If a customer provides only their first and last name, it may not identify them outright, since there may be multiple people with the same name. However, add in a phone number, email, or home address, and this information suddenly becomes sensitive.

Additional details such as gender or date of birth could also be categorized as sensitive when paired with other identifying data. “Jordan Smith” may be anonymous, but a female named Jordan Smith born on January 1, 2001, is a very specific and easily identifiable individual. Documents containing this level of information must be protected by a robust security solution.

Enterprise-level organizations collect and generate vast amounts of unregulated data. Examples include:

  • Intellectual property

  • Trade secrets

  • Customer lists

  • Internal operations documents

  • Databases

  • Internal reports

  • Marketing and/or sales tactics

  • Supplier/vendor lists

  • Strategy documents

In other words, allowing this data to be shared without securing it first can be extremely risky.

Enable secure business file sharing with WinZip Enterprise

WinZip Enterprise secures the file sharing process for all company users from start to finish. In just a few steps, you can encrypt files, upload them, and share them with any desired parties.

When files need to be accessible to more than one party, they are typically hosted in the cloud for easy access. WinZip Enterprise can be configured to integrate with leading enterprise-level cloud storage providers, including SharePoint, OneDrive, and Dropbox.

Files being shared between two individuals can be easily enabled via email, instant messaging, and even social media. Using expiration-enabled links, users can share files across instant message and social platforms such as Microsoft Teams, Slack, Google Hangouts, and Twitter.

With WinZip Enterprise, secure file sharing via email is enabled only through Outlook, ensuring that users cannot send files through unapproved and potentially less secure email platforms.

When documents are shared, updated, and shared again, multiple outdated copies tend to float around in your system. WinZip Enterprise identifies and deletes duplicate files, eliminating redundancies and preventing issues caused by accessing out-of-date documents.

Maintaining a single copy of each file also drastically reduces the necessary storage space and increases processing speed.

It’s essential for businesses to be able to customize and scale their file sharing solutions according to their needs. From user interfaces to automated backups to integrating with current systems, molding a file sharing system to your specific requirements minimizes downtime and disruptions. This helps prevent productivity decline while allowing you to maintain business continuity.

To this end, WinZip Enterprise gives IT teams the ability to disable unnecessary features, hiding them from the end user view and eliminating unnecessary distractions. IT administrators can also scale the solution up or down to handle the company’s needs appropriately.

There are plenty of benefits for end users, too. The interface of WinZip Enterprise is easy to navigate, which increases adoption speed while reducing frustration and errors.

WinZip features top-tier AES encryption methods that comply with all major standards, including FIPS 140-2 and FIPS 197, ensuring that your information is delivered safe and intact.

Additional features, such as password protection for encrypted file deletion, keep important information from being accidentally or maliciously erased.

WinZip Enterprise is a comprehensive solution for fast, easy, and secure business file sharing. Request a free Proof of Concept to learn more.

What Is AES Encryption, and why is it important?

Data security is a necessity for modern businesses, and encryption is one of the more common ways to protect sensitive information. But what kind of encryption is right for your business?

Advanced Encryption Standard (AES) is an encryption strategy developed for the US government in 1997, but it is available for any business that needs high-level security measures.

Why Did AES Replace DES?

AES was implemented in 2000 as a replacement for what’s known as the Data Encryption Standard (DES). At the time, DES was the most widely used encryption method, but as technology (and by association, cyberattack strength) advanced, DES quickly became outdated.

Both AES and DES are block ciphers, meaning they encrypt chunks of data rather than individual characters. This method ensures that identical text is encrypted differently each time it appears. That variance adds an extra level of protection for hackers who may find their way into a portion of your data.

Block ciphers use symmetric keys to encrypt and decrypt data. Symmetric means that both the sender and recipient must have the same private encryption key to package and view the data.

If the wrong key is used, the information remains a jumbled mass of nonsensical characters. Once the correct key is applied, the information becomes legible once again.

DES used a 64-bit block cipher, with a 56-bit key, so each plaintext block of 64 bits is encrypted as a single entity. (Bits are binary digits, or the zeros and ones that are used in computer programming languages). The encryption process goes through several rounds of changes to produce a heavily modified and unrecognizable version of the original, or plaintext, data.

Although the US government quickly adopted DES in the 1970s to protect its most sensitive information, over time, testing proved that technology had advanced beyond the protection capabilities of DES.

In the late 1990s, three tests were conducted where participants attempted to decrypt blocks of information without the key. The breach was successful each time, with the first test taking 84 days to complete, the second taking roughly a month, and the third taking less than one day. Today, it would take just 362 seconds.

One of the main takeaways from these tests was that the DES key size was too small. A longer key would make it more difficult for malicious parties to break the code and decrypt the data.

After weighing the advantages and disadvantages of several potential replacement systems via a public contest, AES encryption was selected as the new standard for government data security.

Why Is AES the Preferred Data Protection Method?

Block size and key length are among the many reasons for implementing AES. For example, while DES uses 64-bit blocks, AES encrypts data in 128-bit blocks. AES also handles this encryption at the byte level rather than bit level.

A byte is eight bits, so this results in faster encryption and decryption times when the proper key is applied.

Another strength of AES is its variable key length. The symmetric keys can be 128, 192, or 296 bits. The longer the key, the more difficult it is to hack.

Brute force attacks are when a malicious party attempts to obtain the key via trial and error. This is the only way to break AES encryption. A 256-bit key boasts 2256 possible combinations, making it nearly impossible to crack.

Once a key has been selected, it goes through the appropriate number of encryption rounds, where changes and substitutions are applied to the text. AES 128 uses 10 rounds, AES 192 uses 12 rounds, and AES 256 uses 14 rounds.

Each round of encryption involves steps such as substituting bytes, shifting rows, and adding keys. The more rounds a block of text goes through, the more difficult it is to decode without the proper key.

Of course, there is a tradeoff between the level of security and the amount of bandwidth required to support and process the encryption.

For example, 256-bit encryption will be a longer and more resource-intensive process than 128-bit, but the increased security and virtually impossible-to-crack key make it a highly preferred method of securing data.

Is AES Encryption the Right Choice for Your Company?

AES was developed to provide the highest level of security for the most sensitive data. The National Security Agency (NSA) and other agencies selected this method as the US government’s security standard due to its extensive, impenetrable protection. AES is also used across many other government agencies and industries.

  • Healthcare companies benefit from AES by encrypting their extensive databases of patient files, including medical history and personal information. The National Institute of Standards and Technology (NIST) recommends using AES to meet Health Insurance Portability and Accountability Act (HIPAA) regulations.

  • Banks and other financial institutions rely on AES encryption to protect their customers’ personal and transactional information.

  • Insurance companies such as Aetna use AES to mitigate risk exposure in specific devices that are used to access customer information.

Even if your business doesn’t fall under the umbrellas of government, healthcare, or finance, you can still employ the same level of security. Any precious information should be stored as safely as possible, and it might surprise you to know how many industries outside of the government have already adopted AES.

In fact, as of 2021, AES is the world’s most popular data protection method.

Wi-Fi networks, Google Cloud, Facebook Messenger, Java programming, and many password managers use AES encryption to protect sensitive data.

This wide variety of applications shows that you can adapt AES for nearly any environment, and it’s secure enough for even the most sensitive data.

How WinZip Enterprise Uses AES to Keep Your Data Safe

WinZip® Enterprise uses AES encryption and supports both 128-bit and 256-bit encryption keys, so your company’s level of data protection can be customized based on your specific needs.

This encryption can be combined with customizable password security requirements (e.g., letters, numbers, special characters, and capitalization) to make unauthorized decryption virtually impossible.

AES encryption in WinZip Enterprise is also Federal Information Processing Standards (FIPS) 140-2 compliant, meaning it meets standards created to guide government agencies and associated contractors and vendors in data protection.

Like AES, these guidelines were initially intended for government use, but have since been extended for application in everyday situations for any business that has sensitive data to protect.

Although the encryption process itself is complex, WinZip Enterprise makes it easy for users to operate. Just select the encryption level you prefer, set a password, and you’re done. With the solution’s lightning-fast processors, less time is needed to securely encrypt large amounts of your most precious data.

Learn more about the unsurpassed data encryption features of WinZip Enterprise today.

Learn more about WinZip Enterprise today!

Get a Quote

Connect With Us