How to encrypt emails and what software to use

Many email services, including Gmail, do things like hiding your IP address to maintain your privacy. However, for a real sense of security, it is essential to encrypt your emails.

Read on

While we have an ever-growing variety of ways to communicate with each other, email is still the standard means of communication in the business world.

Across even a small business, you might have dozens of email addresses. Across those email addresses, you and your teams might share anything from opinions on clients to sensitive customer and internal data.

As such, it is critical to ensure you are protecting and securing your emails as much as possible.

Many email services, including Gmail, do things like hiding your IP address to maintain your privacy. However, for a real sense of security, it is essential to encrypt your emails.

What does it mean to encrypt an email?

When you encrypt an email, you scramble the contents of your email messages. It's also possible to encrypt the contents of email attachments, meaning you can encrypt your PDF files containing sensitive data before sending them around the office!

By encrypting an email, you make it practically impossible for a human reader to decipher its contents. Thus, encryption allows you to send sensitive information in the body copy of an email with confidence that it is secure and safe from potential hackers.

Why does email encryption matter?

The cost of data and security breaches to your business can be enormous.

Conservative estimates suggest the total value of fines handed out to companies for such breaches in the last few years stand at $1.63 million and counting. While a penalty for a data breach will hit you where it hurts, you will also risk losing the trust of your customers. If people cannot trust your business to protect their data, why would they share their details with you or allow you to hold their credit card information?

Granted, you typically would not hold such data or send it across emails. Still, the cost of these data breaches goes some way to highlighting the importance of protecting every aspect of your business.

Given how easy it is to encrypt your emails, if you are not already doing it, don’t wait until your next internal security review. Encrypt your emails now!

Which security protocol is used to encrypt email?

The two most widely used protocols used in email encryption are S/MIME and PGP/MIME.

Secure/Multipurpose Internet Mail Extensions (S/MIME)

The world’s most widely used email encryption protocol, all Apple devices come with S/MIME encryption built-in to their email services out of the box. S/MIME is also available for other email services, including Outlook, Office 365, and Gmail.

When you use S/MIME, your emails are encrypted via a centralised authority which selects the encryption algorithm.

Pretty Good Privacy/Multipurpose Internet Mail Extensions (PGP/MIME)

PGP/MIME was developed as an additional protocol specifically to deal with vulnerabilities in plain text emails.

PGP/MIME’s trust model is decentralised, giving you control over how well you encrypt your emails. To use PGP/MIME protocol, you will need to find a third-party encryption tool that works with your email provider and device.

How to encrypt an email

Encrypting emails is straightforward, but there are some things you may need to be aware of when setting up and using email encryption.

Below, we look at how to ensure you have encryption enabled in your email and a little more detail around how it works.

How to encrypt emails in Gmail

If you use Gmail or a G Suite package, your email accounts include S/MIME encryption as standard. However, S/MIME only works within Gmail if both you and your recipients have it enabled. However, this will ensure you can encrypt all your internal emails and protect your business from hackers.

Follow the process below to encrypt your emails in Gmail:

  1. Use Google’s instructions to enable S/MIME.
  2. Write an outgoing email as usual.
  3. You will see a lock icon to the right of the recipient(s) name.
  4. Click on this icon, then click “View Details.”
  5. Change the S/MIME settings or the level of encryption you wish to apply to your email.
  6. Click send.

Whichever email service you use, it's worth always using the same level of encryption, preferably the maximum possible level. Only encrypting some emails can make you attractive to potential hackers. Hackers will think you are bound to have unwittingly shared some sensitive information in an unencrypted email at some point.

When changing the encryption settings in Gmail, you will see three colour codes:

  • Red, meaning the email is not encrypted.
  • Grey, meaning the email is protected with Transport Layer Security (TLS). As with S/MIME, this will only work if both senders and recipients use TLS.
  • Green, meaning the email is encrypted with S/MIME.

How to encrypt Outlook and Office 365 email

Outlook and Office 365 email include S/MIME protocol as standard, but you need to set it up yourself.

Follow the below steps to set up S/MIME in Outlook or Office 365:

  1. Follow Microsoft’s guide to setting up S/MIME.
  2. In your S/MIME settings, choose the level of encryption you wish to apply as a default. You can either encrypt the content of all messages, including attachments, or add a digital signature to each message to confirm you as the sender.
  3. To change the settings for specific messages, when sending an email, go into the “More Options” menu. The location of this menu will depend on the Outlook or Office 365 version you have and whether you’re in the app or browser.
  4. Click “Security.”
  5. Choose the level of encryption you wish to apply to the message.

With Outlook and Office 365, if you send an S/MIME email to a recipient who does not use S/MIME, they will not be able to read your message.

How to encrypt email on Mac, iPhone, and iPad devices

Apple includes S/MIME in all its devices out of the box. All you need to do is ensure it is set up and ready to use.

You can do this by following the steps below:

  1. In your device settings, find the Advanced Settings and ensure S/MIME is switched on.
  2. Ensure the “Encrypt by Default” setting says “Yes.”
  3. When writing an email, you will see a lock icon next to the recipient(s) name.
  4. If the lock is open, click it. This will close the lock and encrypt your email.

Note you will only be able to encrypt an email if the lock is blue. If the lock is red, this means the recipient needs to turn on their S/MIME setting to receive an S/MIME encrypted email.

How to encrypt email in Yahoo!

To encrypt your Yahoo! emails, you will need to deploy a third-party S/MIME or PGP/MIME service. We list four of these below.

How to encrypt emails on your android device

Likewise, to encrypt emails on your Android device, you will need to find a suitable S/MIME or PGP/MIME app.

Four email encryption tools to try

If you are just getting started with email encryption, try one of the five email encryption tools below.

1.     ProtonMail

ProtonMail is a PGP/MIME tool offering free and paid encryption plans. The tier and price plan you require will depend on how many business email domains you want to protect, and the volume of emails you and your team send each day.

You can sign up to ProtonMail apps are available on both iTunes and in the Google Play Store.

2.     Mailvelope

Mailvelope is a free open source encryption tool for webmail that works as a browser extension and is compatible with Google Chrome, Mozilla Firefox, and Microsoft Edge. You can use Mailvelope with any webmail provider that supports PGP/MIME.

3.     Ciphermail

Ciphermail is a free encryption tool popular with Android users. It allows you to encrypt via TLS and PDF as well as S/MIME and OpenPGP.

4.     Sendinc

Sendinc offers what it calls "military-grade" encryption and is compatible with Outlook apps. Sendinc provides some useful features including API use for integration with other apps, with free and paid plans

Protecting yourself and your business with email encryption

As you can see, ensuring you have email encryption set up in your business is straightforward. Make it part of your organisation’s culture to be diligent when it comes to all matters of security and adopt email encryption as fully as possible.

While you cannot guarantee every external contact can receive encrypted emails, there is no excuse for you not to be using encryption internally as a minimum. 

Get started today