Email encryption is the process of hiding the content of your email messages from being read by unwanted third parties. Sensitive information such as social security numbers, passwords, login credentials, and bank account numbers are vulnerable when sent via email.
When encrypting emails, it’s important to encrypt all of them, not just the ones that contain sensitive information. if only some of your emails are encrypted, it’s a red flag for a hacker and could make your inbox even less secure. they’ll just have to hack a few emails instead of sifting through hundreds to find data they can use. We explain how to encrypt emails across multiple providers and summarize our tips in an infographic.
what is email encryption?
Email encryption is essentially scrambling the content of an email into a puzzle that only you have the key to solve. public key infrastructure (pki) is used to encrypt and decrypt emails. each person is assigned a public and private key in the form of a digital code.
The public key is stored on a key server along with the person’s name and email address, and can be accessed by anyone. this public key is the one used to encrypt the email. If someone wanted to send you an email with sensitive information, they would use your public key to encrypt it. the private key is used to decrypt emails. it is stored in a secure and private place on the person’s computer and only that person has access to it. The private key can also be used to digitally “sign” a message so the recipient knows it came from you.
why is email encryption important?
Email encryption is important because it protects you from a data breach. if the hacker can’t read his message because it’s encrypted, he can’t do anything with the information. Since 2013, more than 13 billion data records have been lost or stolen. the average cost of a data breach in 2018 is $3.86 million. this number has grown 6.4% since 2017. data breaches can be costly because they take time to identify. in 2018, the median time to identify a breach was 197 days and the median time to contain a breach was 69 days. Email encryption is a preventive measure you can take to avoid being part of a cybersecurity statistic.
types of email encryption
The two main types of email encryption protocol are S/MIME and PGP/MIME. S/MIME (Secure/Multipurpose Internet Mail Extensions) is built into most OSX and iOS devices and relies on a centralized authority to pick the encryption algorithm. S/MIME is used most often because it is built into large web-based email companies such as Apple and Outlook.
pgp/mime (Pretty Good Privacy/Multipurpose Internet Mail Extensions) is based on a decentralized trust model and was developed to address the security issues facing plain text messages. Within this model, there is more flexibility and control over how well you want your emails to be encrypted, but it does require a third-party encryption tool.
how to encrypt emails in gmail
Gmail already has S/MIME built into the app, but it only works if both the sender and receiver have it enabled.
- enable hosted s/mime. you can enable this setting by following google’s instructions on how to enable hosted s/mime.
- Compose your message as you normally would.
- click the lock icon to the right of the recipient.
- click “view details” to change the s/mime settings or encryption level.
- enable s/mime encryption. This process will involve obtaining a certificate or digital ID from your organization’s administrator and installing s/mime control. follow the office steps to configure the use of s/mime encryption.
- encrypt all messages or digitally sign all messages by going to the settings menu and clicking on s/mime settings. choose to encrypt the content and attachments of all messages or add a digital signature to all sent messages.
- encrypt or delete individual messages by selecting more options (three dots) at the top of a message and choosing message options. select or deselect “encrypt this message (s/mime)”. if the person you’re sending a message to doesn’t have s/mime enabled, you’ll want to deselect the box or else they won’t be able to read your message.
- go to advanced settings and enable s/mime.
- change “encrypt by default” to yes.
- when composing a message, an icon of padlock next to the recipient. click the lock icon to close it to encrypt the email.
- price: free and paid plans
- applications: android, apple
- price: free
- apps: android
- price: free
- apps: chrome, firefox
- price: free and paid plans
- apps: chrome, g suite
- price: free and paid plans
- apps: none
- price: free and paid plans
- apps: outlook plugin
- price: free and paid plans
- apps: chrome
When changing encryption levels keep these color codes in mind:
green – Information is protected by s/mime encryption and can only be decrypted with a private key.
grey: the email is protected with tls (transport layer security). this only works if both sender and recipient have tls capabilities.
red : The email does not have encryption security.
how to encrypt emails in outlook
Outlook is also compatible with the S/MIME protocol, but it requires additional setup.
how to encrypt emails on ios
iOS devices also have S/MIME support built in as a default.
Note: If the padlock is blue, the email can be encrypted. if the padlock is red, the recipient must activate their s/mime settings.
email providers that need third-party encryption tools
Email providers and devices that don’t have S/MIME compatibility built-in will need a third-party tool that allows them to use S/MIME or PGP/MIME protocol.
encrypt emails with yahoo
yahoo uses ssl (secure socket layer) as a security layer to protect the account, but requires third-party services to encrypt with s/mime or pgp/mime.
encrypt emails with android
android emails can be encrypted via s/mime and pgp/mime, but both require additional configuration and a third-party application.
encrypt emails with aol
email encryption in aol can be done manually, but requires a third party tool to implement the pgp/mime criteria. You must first download the pgp implementation, and then obtain a program that allows you to use pgp encryption with your webmail provider.
email encryption services
Email encryption can be done manually or through a secure email service. Each of these email service applications has unique offerings, such as encryption of emails, attachments, and contact lists. they do it in the background so you don’t have to worry about doing it manually.
some prominent providers are:
proton mail
protonmail allows you to enable end-to-end encryption and has pgp support. It has different pricing tiers, depending on the number of domains needed and messages sent per day.
encrypted mail
ciphermail supports encryption via s/mime, openpgp, tls and pdf. It is popular for its compatibility with android devices.
mail envelope
mailvelope is an openpgp encryption service for webmail. it is compatible with gmail, gmx, outlook, posting, web.de and yahoo.
virtue
virtru provides end-to-end email encryption services and is compatible with gmail, outlook, hotmail, yahoo and some other providers.
start mail
startmail supports encryption via pgp and is compatible with email services like outlook and gmail.
send 2.0
sendinc offers military-grade encryption and is compatible with outlook and gmail.
blocked
enlocked allows you to send and receive email encrypted using pgp. it is compatible with gmail, yahoo, aol, microsoft and outlook.
Protect yourself and your company from new cybersecurity threats by taking preventive measures. Implementing an advanced cybersecurity solution will help you find the best prevention techniques and educate you on efficient ways to apply them to stay safe from hackers.
sources:
pc mag i comparitech i digital guardian i difference between i paubox i office i virtru i institute of ponemon i forbes i rate of non-compliance level