Email Encryption: Protecting Yourself and Your Information

Email Encryption: Protecting Yourself and Your Information

blog


You decided to write a steamy email to your lover late at night from your home computer.  Pet names were used as well as some other language that, if anyone else but your lover saw, you would just die of embarrassment. The problem is you did not use any form of encryption on your email at all because you thought that encryption was only for governments and big corporations. Now, your favorite pet names and steamy details have been read by:

  •     Anyone at your email or Internet provider who wants to
  •     Anyone at your lover’s email or Internet provider who wants to
  •     Anyone who works at any of the places in between that house the routers that handled the data from your email who wants to.

Your secrets are not safe when you do not use encryption on your email.  While this situation is personally embarrassing, imagine how devastating this would have been if it were a corporate email sent speaking about the release details of their newest offering in the technology world.  The competition now has them and you might as well begin again at the drawing board, assuming that you still have a job.  With this article we hope to help you set up email encryption for your computers so that these situations never have to become a personal reality.

Software Solutions


Perhaps the simplest and least aggravating approach to applying encryption to your email messages is to make use of one of the many software solutions out there.  The very oldest and most well-known software for this would be PGP (Pretty Good Protection).

Using 128-bit encryption, this software (which is now owned by Symantec, creators of Norton) takes a lot of the guesswork out of the encryption experience by automatically discovering certificates and keys as needed and automatically encrypting all sent and received email without the user needing to do much of anything.  This particular software supports both common forms of encryption, S/MIME and OpenPGP, and uses a proxy as a method of keeping your information secure.

If you are brand new to encryption, then you would do well to look past the price tag, and realize that you are buying a lot of peace of mind.  This software is highly recommended as it does not disrupt the recipient or the senders email experience at all.

Client-based solutions

Many email clients now offer the ability to send and receive encrypted email through the use of settings within the program itself or add-on programs for the client.  At this time, the two most well-known clients for offering these options are:

  •     Microsoft Outlook
  •     Mozilla Thunderbird

Microsoft Outlook uses what they call a digital ID, which is essentially a personal security certificate for your email that gets sent to the email recipient for encryption along with your message.  If the recipient does not have your digital ID, they cannot read your encrypted emails (although you will be given an option to send it in unencrypted formatting in this case).

Mozilla Thunderbird makes use of an add-on called Enigmail in order to facilitate encrypted email sending and receiving.  Once Enigmail is installed on your Thunderbird client, then it can and will automatically encrypt, decrypt and manage all encryptions keys for you, making it a very simple option for those who just want the basics. It can be expanded upon by also downloading GNUpg which allows for further cryptographic functions.

There are other email clients also offering similar features.  However these two are the easiest and most straightforward to configure on your own without having to call your local techy friend for help.  If you wish to go ahead and plunge in deeper, by all means do so, but make certain that you read the manual: incomplete or incorrect security is about the same as no security.

Don’t want to bother with encryption? There are other ways.

Without encryption you will always lose some information to easily readable sources.  However, if for some reason you do not want to engage in encryption use, here are some suggestions on how to keep yourself as safe as possible.
  •     Make absolutely certain that you have two different email addresses. Use one for a small list of well-known friends and associates and the second email address for mailing lists and other more open forum email and subscription mail.
  •     When creating your personal email, keep it simple and professional such as using your first initial and your last name.
  •     When creating your public email do not use any kind of personally identifiable information.
  •     When emailing back and forth, do not send any information that you do not wish to be read by everyone on the World Wide Web at any time. This includes; names, addresses, phone numbers or passwords.
  •     Do not open email from sources that you have any reason to be wary of.
  •     Again, use an antivirus program that offers email scanning.
  •     For goodness sake, do not send personal email from a work email address.  More often than not, these email addresses are monitored by your company and their contents can get you in trouble!  This is more a precaution on their part than a danger on yours, as they usually have plenty of security procedures in place on their end as well.  Still, this danger potentially takes the form of unemployment.  If anything, learn from your employer’s security procedures, and consider implementing the same thing on a personal level.

If you follow these steps, you should be able to keep yourself relatively safe while emailing.

It’s privacy, and it’s personal

In the end, only you can decide how much encryption is comfortable for you to use.  Privacy is a personal matter and must be seen to in accordance with personal comfort levels.  More privacy is more secure, but it is also more work.  How much work you want to do is up to you.

There are people out there whose entire computer systems and networks are encrypted. They often do not do so for any reason other than they can, and that they enjoy that level of privacy not because they have something to hide. There are those who will only encrypt their emails and be happy with that.  Then there are those who trust their firewalls and antivirus programs to do their jobs and keep them safe. Whatever you choose, just be aware of the basics of how email security works, and you should be able to find the comfort level that’s right for you.