Making email secure is just not that difficult

Email security is not the problem—it’s how we use email that is the problem. There has been no lack of press and attention regarding the insecurity of email and the consequences of account hacking. Look no further than the latest elections, the Sony Pictures hack, the latest Yahoo compromise, etc. We hear about the problem all the time. What is missing from all the discussion is how to solve the problem.

Keeping emails secure can be simpler—and more necessary—than many people realize.

Keeping emails secure can be simpler—and more necessary—than many people realize.

Email in its stock form is inherently insecure but that does not mean that it must stay that way. With a little bit of effort, one can confidently send secure email with virtually no risk of the contents being compromised. 

An analogy is that of a car and a seat belt. Cars are useful and largely safe. But we can make them safer by buckling up. While seat belts were not used regularly for many years, today, we understand their benefit and they are widely used. We need to make email safe and secure and we can do this when email encryption becomes as widely used. So get ready to buckle up before sending.

Email Suffers From Two Problems: 

The first problem is that the content of your e-mails is readable when the email is “at rest” (stored on either your system or on the corporate or cloud-based server such as Gmail). Emails that are at rest can be easily read by any administrator with rights to administer the system or by anyone with your e-mail address and password.

The second problem is guaranteeing your identity or the identity of someone sending you an email. Your identity or that of any sender can easily be spoofed. You have no way to be confident that the email you received was from who it claims to be, nor can anyone be confident that email from you came from you. All one needs is a friendly email server (i.e., one where you have administrator rights) to spoof email “To:” and “From:” addresses.

While these problems are significant, there is a great and relatively easy way to buckle up when using email that solves both problems. 

Encrypting your emails end to end (E2E) from within the email client solves the problem by ensuring that they are safe and secure at rest (and in flight). Your content might get hacked but the hackers wouldn’t be able to read the content because it is encrypted. If your account has been compromised such that a third party has access, they wouldn’t have access to your encryption keys and thus couldn’t decrypt your content. 

The second problem is solved with a technology that is closely related to encryption called Signing. When an email is signed electronically, it guarantees that the sender is as advertised. 

How does one get these protections? First, both sides of the communication need to agree to participate. It also takes an extra step, like buckling up your seat belt—you need to press a button (within your email client) to secure your email. 

Modern encryption products such as those offered by Trustera let you encrypt and sign your emails using your existing email accounts and using whatever platform you might like to consume and send emails. Trustera supports iPhone/iPad, Android, Mac, Windows, and Windows Outlook. 

Much like with buckling up or backing up your data, we all know we should be more secure with our messaging and now we easily can. There is no better time than now to start encrypting your emails. It is just not that hard to make email safe and secure. Though the hackers hope you don’t. - NAPSI

Posted on June 3, 2017 .