Email Security
You might assume that email messages are not seen by anyone but you, the sender,
and the person you send the message to. But that is not at all the case. Email messages
and their content are exposed to many parties as they pass through the internet
on their way from you to your recipients.
The fact is that for most of us email message confidentiality doesn’t really exist.
Emails should be treated like postcards. That's the current wisdom. However, things
have changed over recent years and we need to start thinking about email security.
The most obvious change is the huge increase in the use of email in commerce. You
can email a contract, have it signed, scanned and returned again by email in minutes,
at minimal cost. Unfortunately the open nature of the internet means that a sealed
envelope is currently more secure.
Another change is that seemingly irrelevant information can now be valuable, because
it allows someone to impersonate you on the web. For example, knowing the name of
your pet could allow someone to guess a password.
Nevertheless the incredible speed of email demands that we use it or fall behind
our competitors. Today legal documents, accounts, tax returns and medical records
are all being sent as email attachments.
There are several reasons why you might want to secure email messages:
- A general or moral responsibility to protect someone's personal details. If you
  don't you might be putting them at risk.
- A responsibility to your company or organisation to protect them from leaks of information.
- A duty to your clients to protect data which you hold on them.
- Legal requirements to protect personal data such as HIPAA, GLBA, CA SB-1386 and Sarbanes-Oxley.
- Self interest. If you show clients that you are concerned about protecting their
  data it has to be good for business.
So, lots of reasons to secure your emails, but what's particularly weak about email?
There are two important areas where email is vulnerable:
- emails in transit
- emails on your PC
All emails in transit via the internet are at risk of being scanned by various legal
and illegal organizations. Just like offshore oil goes through a few big pipes,
email traffic is funnelled into the internet backbone and it's not difficult for
the government to scan everything. That's not too serious for most of us, except
as a matter of principle. However, if they can do it who else can do it? We don’t
know, and that alone should give us cause for concern. Moreover, the government
has shown recently that it will act on information collected that is unrelated to
any specific investigation, essentially trolling for prosecutions.
The other interesting thing about emails in transit is that they leave traces. These
traces are essentially copies of your emails on the servers they pass through en
route. Far from being confidential between sender and receiver, copies of your emails
are replicated, stored and backed up all over the internet.
Again, the problem is not only that the legitimate authorities can access this data,
it's the fact that the unknown organisations holding the data have staff who come
and go. There are infinite possibilities for breaches of security.
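
The traces described above are visible in a message's own Received headers. The following is an added example, not part of the original article: it lists every server that handled a message and flags hops that did not record TLS. The sample message, host names and function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample message: all hosts, addresses and ids are made up.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.25])
\tby mailstore.recipient.example with ESMTPS id abc123;
\tTue, 02 Jan 2024 10:00:05 +0000
Received: from out.sender-isp.example (out.sender-isp.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id def456;
\tTue, 02 Jan 2024 10:00:03 +0000
Received: from alice-pc (unknown [192.0.2.44])
\tby out.sender-isp.example with ESMTPSA id ghi789;
\tTue, 02 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: Signed contract

See attachment.
"""

# "with" keywords from RFC 3848 that mean the hop was protected by TLS.
TLS_KEYWORDS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

def _field(keyword, text):
    """Return the token following 'from', 'by' or 'with', or 'unknown'."""
    m = re.search(r"\b%s\s+([^\s;]+)" % keyword, text)
    return m.group(1) if m else "unknown"

def relay_hops(raw_message):
    """List hops in travel order (sender side first)."""
    msg = message_from_string(raw_message)
    hops = []
    # Every server prepends its own Received line, so reverse for travel order.
    # Lines added before the first server you trust can be forged by the sender.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        proto = _field("with", flat).upper()
        hops.append({"from": _field("from", flat), "by": _field("by", flat),
                     "protocol": proto, "tls": proto in TLS_KEYWORDS})
    return hops

def cleartext_hops(raw_message):
    """Hops where the receiving server did not record TLS for the transfer."""
    return [(h["from"], h["by"]) for h in relay_hops(raw_message) if not h["tls"]]

if __name__ == "__main__":
    for h in relay_hops(SAMPLE):
        print("%(from)s -> %(by)s  %(protocol)s  tls=%(tls)s" % h)
    print("cleartext:", cleartext_hops(SAMPLE))
```

TLS protects only the link between two servers. Every host in the "by" column still handled the readable message and may have stored or backed it up.
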
The second area of risk for emails is on the two PCs or other devices at either
end of the chain. These can be anything from desktop PCs to laptops to Blackberries,
any of which can be stolen or lost. One problem is with Microsoft Outlook itself,
which stores incoming and outgoing emails in various folders. For example, when
you send an email a copy goes into Sent Items. Have a look on your PC and
see how many emails are stored in Outlook.
When you delete them they just get moved to the Deleted Items folder. Even if you
delete them from there, guess what, they are still not deleted, they remain on disc.
Your PC and email passwords don't really offer any protection. The only real security
for email and stolen laptops is for the files to be encrypted. Encryption is the
only answer, and not just any old encryption. It has to be something called RSA
Public/Private Key encryption. Encryption
is a fascinating subject which dates back to ancient times. It was crucial to the
outcome of World War II. Today we use
it every time we pay by credit card on the internet. The future is more and more
use of encryption to protect data.
So, where do we get this RSA Public/Private Key encryption? Well, actually
Microsoft already provide it for Outlook. They call it S/MIME. Unfortunately almost
nobody uses it. Why is that? The reason is that S/MIME insists that everyone
using it has to purchase and maintain something called a Digital Certificate.
A Digital Certificate is a set of encryption keys and a certificate of identity.
They are actually very useful for credit card transactions on the web. For example,
when you buy something from Amazon, you need to know that the website is not a fake.
That’s what the Digital Certificate does.
Now, it's one thing verifying who Amazon is but quite another to verify who John
Smith is. Digital Certificates are totally inappropriate for email security, and
can actually reduce your security. The reason for that is that Digital Certificates
are issued by private companies which can change hands. They also have staff who
come and go. Do we really want these people to hold our personal data and encryption
keys?
The third problem with Digital Certificates you can prove yourself – try buying
one! It's a complex and bewildering experience and it costs money. Even if you succeed
in buying and installing one, you can only use it for email contacts who have also
managed to acquire one. That's why nobody uses S/MIME for email security.
What you need for email security is a product with the following three features:
- It has to be easy to use. Encryption is a complex process and the user does not
  want to be involved in the details.
- It has to be secure. The encryption algorithm has to use a published standard methodology,
  specifically RSA, and use big encryption keys.
- It needs to get around the requirement for Digital Certificates without compromising
  security.
Our solution is called Person To Person, because it concentrates on the user at
each end of the chain. They are the only two people involved. There are no administrators
in between who might have access to your keys.
The clever aspect of PTP is that it doesn’t just encrypt an email, it encrypts it
for someone.
After that, only that one person can ever read the email. Even
you can’t decrypt it once you have encrypted it for someone else.
The email remains encrypted in your Outlook folders. It remains encrypted in transit
and it gets stored in Outlook at the other end as an encrypted file. All the potential
security loopholes outlined already have therefore been plugged.
So it's completely safe.