Many email services hide your IP address to maintain your privacy. But you have to encrypt your emails to reach a real sense of security.
While we have an ever-growing variety of ways to communicate with each other, email is still the standard means of communication in the business world.
Across even a small business, you might have dozens of email addresses. Across those email addresses, you and your teams might share anything from opinions on clients to sensitive customer and internal data.
As such, it is critical to ensure you are protecting and securing your emails as much as possible.
Many email services, including Gmail, do things like hiding your IP address to maintain your privacy. However, for a real sense of security, it is essential to encrypt your emails.
When you encrypt an email, you scramble the contents of your email messages. It's also possible to encrypt the contents of email attachments, meaning you can encrypt your PDF files containing sensitive data before sending them around the office!
By encrypting an email, you make it practically impossible for a human reader to decipher its contents. Thus, encryption allows you to send sensitive information in the body copy of an email with confidence that it is secure and safe from potential hackers.
The cost of data and security breaches to your business can be enormous.
Conservative estimates suggest the total value of fines handed out to companies for such breaches in the last few years stands at $1.63 million and counting. While a penalty for a data breach will hit you where it hurts, you will also risk losing the trust of your customers. If people cannot trust your business to protect their data, why would they share their details with you or allow you to hold their credit card information?
Granted, you typically would not hold such data or send it across emails. Still, the cost of these data breaches goes some way to highlighting the importance of protecting every aspect of your business.
Given how easy it is to encrypt your emails, if you are not already doing it, don’t wait until your next internal security review. Encrypt your emails now!
The two most widely used email encryption protocols are S/MIME and PGP/MIME.
S/MIME is the world's most widely used email encryption protocol, and all Apple devices come with S/MIME encryption built into their email services out of the box. S/MIME is also available for other email services, including Outlook, Office 365, and Gmail.
When you use S/MIME, your emails are encrypted via a centralised authority which selects the encryption algorithm.
PGP/MIME was developed as an additional protocol specifically to deal with vulnerabilities in plain text emails.
PGP/MIME’s trust model is decentralised, giving you control over how well you encrypt your emails. To use the PGP/MIME protocol, you will need to find a third-party encryption tool that works with your email provider and device.
Encrypting emails is straightforward, but there are some things you may need to be aware of when setting up and using email encryption.
Below, we look at how to ensure you have encryption enabled in your email and a little more detail around how it works.
If you use Gmail or a G Suite package, your email accounts include S/MIME encryption as standard. However, S/MIME only works within Gmail if both you and your recipients have it enabled. Even so, this will ensure you can encrypt all your internal emails and protect your business from hackers.
Follow the process below to encrypt your emails in Gmail:
Whichever email service you use, it's worth always using the same level of encryption, preferably the maximum possible level. Only encrypting some emails can make you attractive to potential hackers. Hackers will think you are bound to have unwittingly shared some sensitive information in an unencrypted email at some point.
When changing the encryption settings in Gmail, you will see three colour codes:
Outlook and Office 365 email include the S/MIME protocol as standard, but you need to set it up yourself.
Follow the steps below to set up S/MIME in Outlook or Office 365:
With Outlook and Office 365, if you send an S/MIME email to a recipient who does not use S/MIME, they will not be able to read your message.
Apple includes S/MIME in all its devices out of the box. All you need to do is ensure it is set up and ready to use.
You can do this by following the steps below:
Note you will only be able to encrypt an email if the lock is blue. If the lock is red, this means the recipient needs to turn on their S/MIME setting to receive an S/MIME encrypted email.
To encrypt your Yahoo! emails, you will need to deploy a third-party S/MIME or PGP/MIME service. We list four of these below.
Likewise, to encrypt emails on your Android device, you will need to find a suitable S/MIME or PGP/MIME app.
If you are just getting started with email encryption, try one of the five email encryption tools below.
ProtonMail is a PGP/MIME tool offering free and paid encryption plans. The tier and price plan you require will depend on how many business email domains you want to protect, and the volume of emails you and your team send each day.
Mailvelope is a free open source encryption tool for webmail that works as a browser extension and is compatible with Google Chrome, Mozilla Firefox, and Microsoft Edge. You can use Mailvelope with any webmail provider that supports PGP/MIME.
Sendinc offers what it calls "military-grade" encryption and is compatible with Outlook apps. Sendinc provides some useful features, including API use for integration with other apps, with free and paid plans.
As you can see, ensuring you have email encryption set up in your business is straightforward. Make it part of your organisation’s culture to be diligent when it comes to all matters of security and adopt email encryption as fully as possible.
While you cannot guarantee every external contact can receive encrypted emails, there is no excuse for you not to be using encryption internally as a minimum.
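To check that internal mail really is going out encrypted, you can audit messages by their MIME headers, which is where S/MIME and PGP/MIME announce themselves. The script below is an added example, not part of the original article; the domain `example.com`, the sample messages and the function names are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

INTERNAL_DOMAIN = "example.com"  # assumption: your organisation's mail domain

def classify(msg):
    """Return how a parsed message is protected, judged from Content-Type."""
    ctype = msg.get_content_type()
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        kind = str(msg.get_param("smime-type", "")).lower()
        if kind in ("enveloped-data", "authenveloped-data"):
            return "smime-encrypted"
        # signed-data proves the sender but leaves the body readable
        return "signed-only" if kind == "signed-data" else "unencrypted"
    if ctype == "multipart/encrypted":
        proto = str(msg.get_param("protocol", "")).lower()
        return "pgp-encrypted" if proto == "application/pgp-encrypted" else "unencrypted"
    if ctype == "multipart/signed":
        return "signed-only"
    return "unencrypted"

def is_internal(msg):
    """True when the sender and every recipient are in INTERNAL_DOMAIN."""
    headers = msg.get_all("From", []) + msg.get_all("To", []) + msg.get_all("Cc", [])
    domains = {a.rsplit("@", 1)[-1].lower() for _, a in getaddresses(headers) if a}
    return bool(domains) and domains == {INTERNAL_DOMAIN}

def audit(raw_messages):
    """List (subject, status) for internal messages that were not encrypted."""
    findings = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        status = classify(msg)
        if is_internal(msg) and not status.endswith("-encrypted"):
            findings.append((msg.get("Subject", ""), status))
    return findings

SAMPLES = [  # constructed messages, not real mail
    "From: amy@example.com\nTo: bob@example.com\nSubject: Q3 payroll\n"
    "Content-Type: text/plain\n\n(body omitted)\n",
    "From: amy@example.com\nTo: bob@example.com\nSubject: contract\n"
    "Content-Type: application/pkcs7-mime; smime-type=enveloped-data\n\n(body omitted)\n",
    "From: bob@example.com\nTo: amy@example.com\nSubject: keys\n"
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b"\n\n(body omitted)\n',
    "From: amy@example.com\nTo: carol@partner.test\nSubject: hello\n"
    "Content-Type: text/plain\n\n(body omitted)\n",
    "From: bob@example.com\nTo: amy@example.com\nSubject: signed memo\n"
    'Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b"\n\n(body omitted)\n',
]

if __name__ == "__main__":
    for subject, status in audit(SAMPLES):
        print(f"internal message not encrypted: {subject!r} ({status})")
```

The check reads headers only, so it tells you which protocol a message claims to use, not how strong the encryption is. Signed-only messages are reported because a signature does not hide the contents.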