Secure Your Email with Encryption

Corporate espionage is big business these days. So it makes sense to deploy some kind of encryption system to ensure that prying eyes can’t decipher anything garnered from intercepted messages or from stolen computers. Whether it is customer data, employee data, intellectual property or confidential financial information, losing anything can be seriously detrimental.

“Lost or stolen data can cripple a business’ reputation and financial standing,” says Than Tran, product marketing manager at PGP Corp. of Palo Alto, CA. “A business must ensure e-mails containing sensitive information are kept secure and that they comply with privacy laws to assure safe transactions for their customers and the privacy of their employees.”

Email Encryption Systems
Tran explains that there are several different methods of e-mail encryption. Endpoint-to-Endpoint represents full encryption from the originating device to the recipient device. This method provides the highest level of security by allowing no intervening points at which plaintext data can be read by anyone but the intended parties. The drawback is that this mode also creates the greatest amount of complexity from an implementation, administration and management perspective. This complexity mainly results from the fact that encryption software must be installed and maintained on the endpoint that integrates with the client email reader software.

Gateway-to-Endpoint is one way to simplify things. It provides full encryption from a gateway system within the sender’s network to the recipient’s endpoint. In this scenario, the message leaves the sender’s desktop in plaintext and is encrypted by a gateway located within relative proximity to the email server. This mode eliminates the need for any encryption software or user interaction on the sender’s side.

“Another variation on this is Gateway-to-Gateway,” says Tran. “It is like Gateway-to-Endpoint, but adds an encryption gateway on the recipient’s side, thus eliminating desktop software and administrative costs on that end as well.”

Finally, there is Gateway-to-Web which provides access to sensitive data via a Web server, possibly co-located on the gateway itself. The data is typically protected via transport layer encryption, such as Secure Sockets Layer (SSL). This allows secure communication to occur with any recipient, regardless of its architecture or level of sophistication.

“In this scenario, a standard message is sent to the recipient, advising that a secure message is waiting at the gateway,” says Tran. “The recipient retrieves this message via a secure connection, which may also require authentication with credentials delivered by an out-of-band mechanism.”
More On Secure Email Encryption