Personal Privacy Through Email Encryption

encrypted-emailOne of the easiest ways for an intruder to learn about you is through a compromised email account.  And since most email is transmitted in the clear or in plain text, it is a simple thing for a bad actor to read intercepted email traffic.  Encrypting your email makes it harder for criminals, competitors, law enforcement, and government spy agencies to read your email messages.

You can set up secure email yourself using TLS, S/Mime or PGP.  TLS is probably the easiest to implement, but your email is not encrypted until it reaches your email host’s SMTP server. S/Mime and PGP both use public key cryptography, and require that the sender first acquire and then install a key certificate.

Some other solutions include the Swiss company ProtonMail, Dallas Texas based Zix, and Vancouver Canada based Hushmail.  These companies all provide end-to-end encryption that starts on your computer.  Zix also has an secure email gateway product for large enterprise users.  These services make the process of encrypting and decrypting messages transparent to the users.

Basically, the way this works is if you and your recipient both have the same service, then you can send and read email normally in your chosen email program.  If you send an encrypted email to a recipient that does not use the same service, they will get an email advising them of a secure message, and a link that will get them into the message on a secure mail server.

These issues make email encryption a bit more of a chore than standard plain-text email, but if you value your privacy and want to keep your communications secure, email encryption is an important addition to other encryption tools such as WhatsApp or Signal SMS text message service, VPN connections, and encrypted phone calls.

More information:

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.