The software encryption of e-mail security technologies are specialized in the protection of confidentiality and integrity of e-mail attachments and annexes, in transit or in archives. It is a technology which has been discussed for several years but now the tools available are more mature and consolidated, notevolemente simplifying the process of use.
How does a software encryption of mail
A software email encryption attempt to counter the risks of the interception of information on the net. At the level of defaults email is generally protected by protocols such as SSL / TLS, and is transmitted in clear text over local networks and over the Internet.
As a result, the content of e-mail messages, as well as their attachments, can be intercepted and read by a hacker during transit between the sender and receiver (not to mention the vulnerability associated with e-mail stored on a server). This creates obvious problems when sensitive data is sent via e-mail, even between two users within the same organization. To infect a host with a malware, it is sufficient to intercept an e-mail and the transmission of sensitive information.
Because today this type of products is essential
To counter such risks, organizations implement a software encryption of e-mail to encrypt any e-mail attachments and annexes sensitive (and in some cases, every single email) before sending. It is for the recipient then decrypt messages and attachments.
In the past the email encryption for users was a complex process: it was difficult to codify that decrypt. Developing a system for the management of cryptographic keys ( Cryptographic Key Management – CKM ) is a non-trivial challenge. Therefore, by moving the complexity in the back end, software encryption and email have had no need to simplify the operation for the front end, while cutting down on training to users.
There are different formulas of service and product for e-mail encryption. Below is a list:
- Cryptographic Services of Web-based e-mail such as, for example, and Sendinc JumbleMe
Security Services of the hosted email, for example, Hushmail, CounterMail or Neomailbox
Encryption capabilities built into the e-mail client e-mail
In this article we will analyze the products of email encryption software operating in the e-mail system of a company instead of replacing it.
The software architecture of email encryption
There is a standard architecture for encryption products and email. Generally, the heart of the product is a software gateway that uses an encryption system based on certain policy, which means that an organization implements a series of policies corresponding to the type of e-mail that must be encrypted and under what circumstances: such as automatic encryption of all email in output that contains sensitive personal information or any outgoing message sent by a user to a particular group.
Some products provide a client email encryption that must be installed on desktops, laptops and mobile devices users.
This client can use an encryption system based on policy, allowing users to choose which e-mail messages encrypted, or can do both: enforce encryption for some e-mail making the procedure optional for other types depending on demand user.
The client can also provide protection for e-mail starting from the endpoint, rather than the mail gateway, so going to counter threats directly on the client’s local network.
Experts point out, however, that it is not essential to go to install this client on the target system is available as a web-based interface that performs decryption and reading messages encrypted e-mail. Sometimes this type of Web-based interface hosted by providers that make mailings; other times it is a cloud-based service offered by the software provider of email encryption.
Suitable environments for encrypting e-mail
An e-mail encryption software is generally designed for environments that host their email services. So organizations that outsource the e-mail service – which happens to many small businesses – you probably can not use the type of email encryption software described above. These organizations should contact their service provider and email to assess what, if any encryption options are supporte.
Any organization that operates independently of the hosting email services probably already receiving e-mail encryption software.
Virtually every company transmits sensitive data when using electronic mail and its this type of transmissions, even accidentally, can cause data breaches that cost a company much more than a software solution for email encryption.
Cost differences
One of the reasons why ii encryption software and email have become so popular is because this type of products is often less expensive than the adoption and implementation of alternative products.
First it must be said that the software of e-mail encryption generally does not require the organization to set up public key infrastructure (PKI), the creation and the maintenance of which can be costly.
Second point is the type of operation that, working on the back end, it saves the user training. If it must be performed a process of encryption the client side, however, it may be required a training activity lasting about 15 to 30 minutes.
The fixed cost is licensing software, typically accounted for based on the number of email accounts. And if you want to have use of a client-side encryption are counted more expenditure items relating to the installation of client software on all desktops and laptops involved.
Finally there are all costs related to maintenance of the e-mail encryption software and technical support to users. The enced, in fact, point out that it is very important to keep in mind all these details of cost, too often underestimated.
No comments:
Post a Comment