Published on December 17th, 2014 | by Guest0
How Does Email Encryption Work and How Secure is it?
Companies and individuals can benefit from email encryption. Encryption ensures that sensitive information is not accessible to anyone other than the intended recipient of an email, so personal or business information can stay safe from prying eyes. There are several types of encryption from which to choose, and determining which is best in each situation depends upon the needs of the user. The email encryption methods outlined below vary in levels of security as noted.
Adding an email encryption software plug-in is often the easiest option when security of email communication is important. These plug-ins are designed to be used with certain email clients, and users can easily determine which plug-ins are compatible to get started.
Software plug-ins are widely available, and many of these plug-ins can be installed at no cost to the user. Depending on the plug-in that is used, this encryption option can support both HTML and plain text emails, and it may be possible to secure information that is retrieved and transmitted from multiple email accounts.
Determining which plug-in offers the highest level of security requires users to review the ratings of each software option for their email client. Using a high-ranking software or plug-in ensures that information will be kept secure as it is transmitted via email.
Many email encryption solutions are based on the OpenPGP standard, and some of these solutions operate as plug-in elements. A popular free plug-in for email encryption is Enigmail, which works in conjunction with the Mozilla Thunderbird mail client and the SeaMonkey Internet suite. Enigmail is not exactly a one-click solution; it requires installation of the GNU Privacy Guard as well as following quite a few steps.
Users who want a simpler email encryption plug-in solution may want to evaluate ArticSoft OpenPGP software, which is a premium package that can pretty much encrypt all electronic files and features easy installation.
Email Security Certificates
Email certificates are effective if both senders and recipients have these certificates. Public keys are assigned to companies or individuals with a certificate, and these keys are used to encrypt and decrypt emails that are sent back and forth between the two parties.
While email certificates offer a high level of security, users do have to have some technical knowledge in order to utilize them. An IT professional can assist a business with the application of email certificates, but this will be an added expense that needs to be factored in when companies are determining the cost of email security.
Another downside to the use of email certificates is that this method of email encryption is only completely effective if both parties are using it. Establishing a secure line of communication requires additional steps as the sender needs to verify their identity before secure emails can be sent.
Secure Sockets Layer (SSL) certificates based on digital signatures can be obtained for free from Comodo. This certificate comes with two private key options: 1024 and 2048 bits, and it makes it easy to apply digital signatures to email correspondence. The Comodo certificate also features integration with popular software applications such as Microsoft Office.
Symantec is a very familiar name in online security. This company offers a personal digital ID solution for secure email on an affordable, annual subscription basis. As with other Symantec products, installation of this certificate is seamless and it integrates with most popular software applications used for personal or business purposes. This solution allows simultaneous digital signing and encryption.
A third-party email encryption service requires the sender to utilize a website in order to send emails that they would like to encrypt. This is the easiest method of encrypting email because the user does not have to have any technical knowledge or skill in order to keep their emails secure.
However, security with third-party encryption varies from one website to the next. There are some unsavory websites that attempt to collect private information by posing as an email encryption service provider, so it is essential for users to do their own research to determine which websites are safe.
Hushmail is a very popular Web service that offers encryption and privacy for free. Hushmail is recommended for anyone who has used a major Web-based email provider such as Gmail and Hotmail. This service can be tried for free, but it must be noted that the company and servers are based in Canada, which means that Hushmail is subject to Canadian law and mutual treaties with the United States when it comes to turning over email correspondence and user identification.
A paid option, Egress, combines desktop-based encryption and security with a remote-based hosting solution to ensure that users have control of just how secure their email and file transfer operations should be. A neat feature of Egress is that it extends security to email recipients at no cost, thereby promoting trust between two parties while only requiring a subscription from one of them.
Email encryption is an important part of staying secure while communicating online. The right method of an individual or business depends upon the needs and technical skill of the user.