E-mails form such a large proportion of communications that it can be easy to overlook the importance of security. Due to the Internet’s prevalence and speed, many people send an e-mail instead of picking up the telephone or sending a letter, and often content can be sensitive, perhaps containing personal details. Even if content is considered benign, e-mails should be encrypted in the same way that a house or car should be locked upon exiting. This is because there are a number of points at which e-mails can be intercepted as they travel to recipients, with some eavesdroppers using traffic monitors to scan for words that might suggest interest, such as ‘password’.
Consequences of Unencrypted E-mail
Without encryption and digital signatures, e-mails can be intercepted, leading to potential identity theft, data protection breaches, loss of intellectual property and damage to reputation, all of which have serious and financial ramifications. Individuals, and particularly businesses, should therefore implement suitable software to avoid the dangers and problems that can be incurred through a lack of e-mail security.
It’s Easy to Make E-mail Safe
Creating a safe e-mail infrastructure need not be difficult or expensive – in fact, it takes minutes to set up and is completely free! GnuPG, known as GPG for short, provides access to popular OpenPGP encryption programmes. These products are completely free with no restrictions on type of usage, distribution or modification, meaning that those with an aptitude for computer programming can modify a programme to make a bespoke version, if desired.
How It Works
Not only is the software free but there are several editions available and the OpenPGP standard ensures e-mails are protected in the most secure way possible. In addition to encryption, GnuPG software utilises optimum placement of passphrases, for example in the creation of digital signatures. A passphrase is a string of up to 100 characters and one of its uses is to make an encoded form of identification called a digital signature that proves the sender of an e-mail is genuine.
Extra security measures include the use of private keys and random number generators. In Krypto, or cryptography, a private key (also called secret key) is used in the encryption and decryption of messages. By using appropriate random number generators, GnuPG software is not affected by weaknesses concerning random numbers and through the use of adequately secure passphrases, easy interception of the private key is prevented.
Considering the potential consequences of unencrypted e-mails, those without e-mail security should consider it a priority to download and install suitable software, such as one of GnuPG’s OpenPGP programmes, and existing systems should be updated frequently.