Recent cyber security headlines provide plenty of reasons one might be driven to protect email from anyone other than the intended recipient. This is especially true for businesses where exchanging email across the public Internet has become an everyday practice, including sharing of client-specific, proprietary or otherwise secure information. The potential negative impact of even a single compromised email could be devastating to a company. While the task of implementing a solution to encrypt email is not trivial, it is much easier and more affordable than in the past.
One option, historically relegated to large corporations with substantial IT departments, is to establish an encryption key framework using a Public Key Infrastructure (PKI) solution. While PKI implementations have become more available and less costly, and more tools exist to help manage a PKI, it can still be cumbersome and seem out of reach for small business owners. In simple terms, you would obtain a set of keys from a Certificate Authority, one public and one private. Email sent to you would be encrypted with your public key, and you would then decrypt it with your private key. This can be done both at the email server and at the end user desktop.
A second option is to use a secure email service and client. Do not be fooled into thinking your email is protected just because your email client is secure, or because you are using SSL / TLS to communicate with your email server. Once email leaves your domain and travels across the public Internet to reach your target, the hops along the way may or may not use secure transmission protocols, and probably do not. The reality is that neither SSL nor TLS provides end-to-end security. They only secure the Client / Server communication. Secure email services that do encrypt email are available, but the trade-off is that you are entrusting a service provider with the task of securing your emails.
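The per-hop nature of transport encryption can be checked on a received message, since each relay records the protocol it used in a `Received` header. The following is an added example, not part of the original article: it lists each hop and whether it reported TLS. The sample message, its hostnames and the function names `audit_hops` and `unprotected_hops` are constructed for illustration.

```python
import re
from email import message_from_string

# "with" protocol keywords that indicate the hop used TLS (RFC 3848, RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}

# Constructed sample message: three hops, the middle one relayed without TLS.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.9])
\tby store.recipient.example with LMTPS id C3; Mon, 1 Jan 2024 10:00:03 +0000
Received: from relay.isp.example (relay.isp.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id B2; Mon, 1 Jan 2024 10:00:02 +0000
Received: from laptop.sender.example (laptop.sender.example [192.0.2.5])
\tby relay.isp.example with ESMTPSA id A1; Mon, 1 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: quarterly numbers

body
"""

def audit_hops(raw_message):
    """Return one dict per hop, oldest first, with whether it reported TLS."""
    msg = message_from_string(raw_message)
    hops = []
    # Each relay prepends its header, so reverse to get delivery order.
    for header in reversed(msg.get_all("Received", [])):
        flat = " ".join(header.split())          # unfold continuation lines
        sender = re.search(r"\bfrom\s+(\S+)", flat)
        receiver = re.search(r"\bby\s+(\S+)", flat)
        proto = re.search(r"\bwith\s+(\S+)", flat)
        name = proto.group(1).upper() if proto else "UNKNOWN"
        hops.append({
            "from": sender.group(1) if sender else "?",
            "by": receiver.group(1) if receiver else "?",
            "protocol": name,
            "tls": name in TLS_PROTOCOLS,
        })
    return hops

def unprotected_hops(raw_message):
    """Hops that did not report a TLS-protected transfer."""
    return [h for h in audit_hops(raw_message) if not h["tls"]]

if __name__ == "__main__":
    for hop in audit_hops(SAMPLE):
        status = "TLS" if hop["tls"] else "NO TLS REPORTED"
        print(f'{hop["from"]} -> {hop["by"]}: {hop["protocol"]} ({status})')
```

`Received` headers are self-reported by each relay, so only the ones written by servers you operate can be fully trusted. Even when every hop reports TLS, each relay still handles the message in plaintext, which is why transport encryption alone is not end-to-end.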
A third option is to implement a software solution designed to simplify the overall management of email security. Be sure the software solution you consider can scan both inbound and outbound messages for threats and prevent them from impacting your business or your reputation. Software tools, like BCC's MailProtect, are available that help simplify the complexities of PKI key management, enforce encryption rules and centralize the task of creating policies and profiles. Centralized management drives better consistency across multiple email servers, as well as better overall policies and compliance, by relieving the end user from having to make on-the-fly decisions about when to use encryption. One potential drawback to encrypted email is that it is not readily available for anti-virus or malware scanning, but MailProtect can do both encryption and virus/malware scanning.
While one could argue that a fourth option would be to simply not allow sending any email with information you want kept private, that is not realistic. MailProtect can also address this concern, since it can do content scanning and quarantine emails that contain trigger words.
Which solution is right for you will depend on things like the number of email clients you have in your organization, the size and capacity of your IT department, whether your email servers are self-hosted, and even regulatory requirements. But in today's world, with cyber criminals and even governments scouring the Internet for actionable intelligence, the mandate to protect email should be clear.