When the developers of TrueCrypt delivered the bombshell that they were abandoning their popular open source encryption program, it left many organizations in a hugely difficult position. Should they continue to use it, or heed the developers’ advice that it was no longer secure and switch to another encryption product?