Email security

Security of company emails is becoming more and more important. For example, the massive Sony hack that exposed countless internal emails compromised a lot of internal information, both personal and financial, occurred because the attacker was able to gain access to the email system, which was not encrypted. Email encryption is a critical part of IT-security. A modern company should expect to be hacked, rather than assume its cyber defenses are strong enough. However, a sufficiently good encryption protocol will prevent attackers from being able to read company emails in the event of a hack.

Strong Encryption
The gold standard for privacy and internet security in the world of encryption is an encryption method called Pretty Good Privacy, or PGP. PGP uses a system where every person who uses it gets decryption keys, and each email account has (should have) another set of keys. The layered system of keys and randomized encryption makes it robust for both personal and business use. Rather than asking users to save passwords, PGP asks users to save keys that they use to decrypt emails. The keys are randomly generated.

Using PGP
There is a significant industry for developing a “front end” to PGP. A front end is software that makes the underlying tools, in this case PGP, easier to use. It is important to find ways to make PGP easy for users, because if it is too annoying or complicated, then regular users simply won’t bother with it. User error regularly frustrates IT security professionals- see by example how frequently users violate the spirit, if not the letter, of password policy by using easy passwords and repeating passwords.

That means that a good front end for PGP that can make it easy for users is a major step in implementation of the encryption method. Several companies have implemented front ends for PGP. For example, Symantec encryption has solutions at the gateway and desktop level. However, the current leading front end is an Outlook plugin called “gpg4o“. This plugin provides a comfortable user experience without compromising the underlying strength of the encryption, and it works smoothly with Outlook. This makes it easy to implement in most business environments, because Outlook is the most common email choice in the business world. Using gpg4o is an excellent choice for a company that wants to add encryption to its email system in an unobtrusive way.


Your Comment

* The marked fields are required.

Comment *

Ich willige ein, dass die oben stehenden Daten zum genannten Zweck verarbeitet werden und habe das Recht, Ihre datenschutzrechtliche Einwilligungserklärung jederzeit zu widerrufen. Durch den Widerruf der Einwilligung wird die Rechtmäßigkeit der aufgrund der Einwilligung bis zum Widerruf erfolgten Verarbeitung nicht berührt. Ich habe dazu die Privacy policy zur Kenntnis genommen.