September 26, 2015
If you’ve paid attention to the news in recent months, you’ve likely heard about Hillary Clinton’s email server snafu. While Clinton’s issue is certainly on a level of its own, the reality is that it should encourage everyone to think about the overall security of email and the need for stricter measures of encryption.
The Need for Email Encryption
Email encryption is a challenging concept for most people to understand. It’s unfamiliar and strange – and seems like overkill to some who do understand it. However, it’s becoming increasingly necessary. With cyber attacks becoming commonplace on the internet, protecting your private information is more important than ever.
In order to put email encryption into perspective, let’s look at a tangible example. If you were on vacation in another country and wanted to send a quick note to your parents back home, you may opt to send a postcard from the city you’re visiting. You do this with the understanding that anyone who touches your postcard before it reaches the destination can read your note if they please. It’s not really a big deal, though, as what you’re saying isn’t necessarily top-secret.
However, if you were traveling abroad and wanted to send a personal letter to your significant other back home – expressing your love for them and sharing private details of your trip – you’d probably opt to send a letter in a sealed envelope. Someone along the way could still potentially open it, but the deterrence of the seal greatly enhances the security of the message.
But what if you were sending a large sum of money back home in the form of a check? You certainly wouldn’t tape it to a postcard, and you probably wouldn’t even send it in a standard envelope. Most likely, you would use a security envelope. Depending on the size of the check, you may also choose to get a tracking number for the envelope.
The moral of the story is this: The level of security you invest in typically depends on the nature of the information being sent. Bringing the conversation back to email, encryption is the highest form of security you can invest in. For two friends sending emails back and forth about their weekend plans, encryption is pointless. However, for organizations that export products and services that play a role in the defense of the nation, email encryption is required. One contains highly important information; the other does not.
Understanding Email Encryption
Email was never designed to be secure. “It was developed when the internet was a much smaller place to standardize simple store-and-forward messaging between people using different kinds of computers,” programmer Geoff Duncan writes. “Email was all transferred completely in the open – everything was readable by anyone who could watch network traffic or access accounts (originally not even passwords were encrypted).” While there have been some upgrades to the overall security of email, it’s still a very vulnerable channel of digital communication.
The vulnerability of email stems from the fact that there are four unique places where private email accounts can be compromised: on your device, on the networks, on the servers involved, and on the recipient’s device. While securing devices is pretty straightforward, the same can’t be said for networks and servers. You can’t simply setup a password and assume everything is good to go. That’s where email encryption comes into play.
“The best way to protect communications is to encrypt them: basically, scrambling the data with complex mathematical transformations so it’s only intelligible using the correct password or other credentials,” Duncan writes.
While there are several ways to encrypt your email, the easiest way is to either purchase a third-party software, program, or plug-in that attaches to your existing email client, or to download and install an email certificate. Andrew Schrage, a user of encrypted email, favors the latter.
“With [every email certificate] come a public key and a private key,” he says. “Your public key is what you send to people who want to send you encrypted emails, and your private key is what you use to decrypt them.” This allows you to control what information is encrypted and what information is not. In other words, you’re able to call the shots.
Make the Smart Choice
Email encryption isn’t a requirement for private users – but it should be. Unless 100 percent of your messages contain information that you don’t mind being public, then you need encryption. It’s a simple, straightforward security measure against pervasive threats that can cause widespread damage. Make the smart choice and research your options.
Image credit: Flickr/CarbonNYC, cropped and resized
Did you like this article?
Get more delivered to your inbox just like it!