Email is highly vulnerable. It’s also one of the quickest, most common and most convenient ways for us to communicate with each other these days. Even if you’re not emailing top secret information (although especially if you are!) and particularly if you’re using an unsecured or public Wi-Fi network, hackers can find ways to gain access to attachments, digital content and even hijack your entire account. Even emails sent within a secure network can be intercepted by other users, so it’s definitely worth updating your knowledge about email security and particularly email encryption.
Email encryption is the process of encrypting or disguising the content of an email message to protect sensitive information from being read by anyone other than the addressee or intended recipients. Email encryption may also include authentication.
What Should You Encrypt?
Connection from your email provider
Encrypting the connection from your email provider can prevent unauthorized users or hackers on the network from intercepting or capturing sensitive information within any email messages you send or receive as they leave the server and travel around the Internet.
Encryption of email messages right before they’re sent means that even if someone other than the addressee should intercept your email messages, they’ll be unreadable and useless.
Stored, cached or even archived email messages
Finally, if you have stored email messages in your email account, anyone may gain access despite password protection features of your accounts or the device you are using. Email encryption makes sure that even if someone has gained access to your email, the content is unreadable.
Major Email Providers Encrypt Emails Already
Email services providers use end-to-end encryption like TLS to encrypt emails during transmission, but if you want better or more robust security you can host a mail server and setup protocols to it or you can use military grade subscriptions which some services provide for a fee, usually by monthly subscription.
There are other tools that can be used to encrypt email. You can use a personal email certificate to digitally sign your emails. This can reduce the number of spam messages that can be sent using your email account. The digital signature allows recipients to know whether the messages they are receiving were actually sent by you.
Email encryption relies on PKI, Public Key Infrastructure, in most cases a combination of a private key (known only by you) and a public key (known only to those you choose to distribute it to). If you want to encrypt your outgoing email messages, you would use the public key, while the intended recipients would use the private key to decrypt those messages into a readable format. Anyone can use a public key to encrypt emails, but each of these encrypted messages can only be decrypted or opened by a unique private key.
Encrypting all your email messages should be standard practice as hackers are always looking for ways to access your personal information. Decrypting emails or email messages one at a time to decipher any potential sensitive information is a tedious task, one that even the most notorious hackers may feel is not worth the time and effort.
In 2016, Hillary Clinton’s emails were hacked and caused a major campaign issue. Yahoo revealed that over 1 billion email accounts were hacked in 2013 and 2014, and even the Democratic National Committee’s emails were famously hacked. While email encryption might not have prevented these infamous hacks, email security has since become a top priority for many. This call for greater email security has resulted in Gmail using a transport layer security (TLS) as well as encrypting emails. This is a notable move toward email encryption becoming standard practice, as it should be.
Hopefully now you’ve learnt a little more about email safety and security and the importance of email encryption. If the Clinton’s aren’t safe – no one is!