Why would anyone, especially you want to encrypt your email?
According to Statista, 269 billion e-mails were sent out in 2017. That is about 737 million e-mails a day. Those are big numbers and according to Google’s transparency report, many e-mail providers do not encrypt e-mails in transit. So, while e-mails are extremely convenient for sending information and documents, from a security standpoint it is not the ideal method to send sensitive or confidential information.
That being said, the e-mail culture has been ingrained into our daily lives and to stop using it would akin to losing a limb (metaphorically of course!). This is where data encryption takes the stage. By encrypting your e-mail or documents before they are sent out, nobody other then the intended recipient would be able to access the contents.
Still unsure if you need encryption? Check out some of the reasons we came up with below:-
- Sending e-mails with private or confidential information (e.g. address, security number, bank account number)
- Ever sent an e-mail to the wrong person?
- If you work on unsecured networks (e.g. public WiFi or Hotspots)
- The possibility of the recipients e-mail account being compromised is a concern to you
- Local regulations require you to implement sufficient measures to protect against theft of data
What type of Encryption solutions are available?
A few different encryption solutions exist, each with their own benefits and issues.
- If you are are a fan of open source, then GNU Privacy Guard is worth checking out. Users can generate a encrypted digital signature as a form of verification that documents sent are from them and not from anyone else. More importantly GNUPG allows users to generate a private and public for e-mail encryption.For example, if Kai if wanted to send you an e-mail, he would use your public key to encrypt it and you would use your private key to unlock the contents. If you wanted to send Kai an e-mail, you would use his public key to encrypt the contents and he would use his private key to unlock it.As you can see, this method a type of asymmetric cryptosystem, allows users to securely exchange information through the use of keypairs and it is currently impossible to derive the private key from the public key which is shared. However the downside for this is speed. Having to manage a few public keys is relatively simple. However, imagine a scenario where you have to send hundreds of e-mails to hundreds of people using this method. Encrypting each e-mail with different public key can be a challenge.
- Another alternative is using a symmetric cryptosystem, which only requires one password to encrypt and decrypt a document. For example, if Kai wanted to send you a document, he would encrpyt it with the password “XXXXX”. For you to unlock that document, the same password “XXXXX” would be used. This method is significantly faster. However the challenge here is getting the password across without having it compromised during transmission.Some organisations also use a variation of this system. When sending personal information unique to a user, they encrypt the document with a password generated through a set of rules. For example, when a bank sends its credit statement, the system automatically creates a password that is based on the combination of your birthday digits and last few numbers of your mobile phone. This is a basic level of protection, as anyone who is able to obtain these details can easily unlock your documents.
- A third solution, is to use a secure e-email gateway for sending and receiving of e-mails. More details on this can be found in the next paragraph.
How can I implement E-mail Encryption in my organisation?
Prior to deciding on a solution, some of criteria of assessment would be “ease of use” and the level of security provided. In some cases, organisations have to trade off functionality for user intuitive interfaces and vice versa.
Deltagon’s Secure Gateway provides customers with a user friendly interface without compromise on functionality. Compatibility with various platforms and seamless integration with popular web clients ensures minimal disruption or change to your existing work style. With our powerful rule-based engine, administrators can be assured that sensitive e-mails are automatically encrypted and reach the intended recipients. Multiple levels of protection are offered and can be easily selected based on the level of security required.
One key advantage of using a secured gateway is that recipients do not need to install any software to communicate with you securely. Instead they can directly respond through the gateway; similar to popular e-mail clients. Hosting can be on-premise or on cloud and configured to integrate with existing security solutions.
To find out more about click here or contact us for a free demo.