You may have seen the words ‘email encryption’ and wondered what they mean, well today is your lucky day because here at Bandicoot Towers we are going to answer the question, what is email encryption?
A Rubik’s Cube
Do you remember Rubik’s cubes? Those infuriating puzzles that would end up gathering dust or being thrown out of a window.
If you don’t remember or would like a trip down memory lane, wired.com have a cool video about them here.
Email encryption kind of does the same thing, it makes emails into a puzzle and only you have the instructions on how to solve it.
It used to be that email encryption was only used for communications with confidential material such as bank details or national insurance numbers, but the use of email encryption has increased over the years as hackers have found new ways get into emails and email accounts.
According to Cyber Security Statistics from the UK Government, 32% of UK businesses identified cyber security breaches or attacks in the last 12 months and the cost for businesses that have lost data or assets is an annual average of £4,180.
The rise of data breaches and ever developing methods that hackers are devising means that everyone is looking the best security option in order to keep their data safe, email encryption being one of the best ways to do this.
Public Key Cryptography
One of the foundations of any end to end encryption is public key cryptography, which may look complicated and confusing, so let’s break down how it works.
So, for example, say you sent an urgent email to a colleague:
When you click send, the email is encrypted using a ‘public key’ and the text is scrambled up so it looks like:
As that message flies through the internet, anyone attempting to read it or intercept it only sees the encrypted version.
Then when the intended recipient gets the message and opens it, their system has an individual ‘private key’ that translates it back into the original text.
That’s the basics of public key cryptography, there is quite a lot more technical and mathematical details involved and if you would like find out more information, then GlobalSign.com have a good article about it here.
Encrypt All Emails
It used to be standard practice in some companies that only certain messages were encrypted. Which made sense at the time but these days it is a bit like leaving a window open for a burglar. Anyone attempting to get sensitive data won’t have to search thousands of emails as they can just focus on the encrypted ones.
PGP & S/MIME
That heading actually looks like an encrypted message but is actually the two main types of email encryption.
PGP or Pretty Good Privacy, was developed in 1991 and works in pretty much the same way as we described earlier when we talked about public key cryptography.
S/MIME is slightly different. S/MIME, aka Secure Multi-Purpose Internet Mail Extension, uses a digital signature along with the standard encryption formula in order to secure and email communications that are sent or received.
So, when a message is created, S/MIME adds a digital signature to the message containing the message creators unique details.
This digital signature is then attached to the message when the email is sent out into the internet.
As before, the encryption reduces the risk of an email being read by any hackers.
But the digital signature adds another layer of security verification step when the message is received at the other end.
When the message arrives, along with the private key that is used to unencrypt the content of the mail, the digital signature is read and if it matches then the message is verified, unencrypted and delivered.
Keep Up To Date With Encryption Technology
As we said earlier, hackers are always looking for and developing new ways and methods of getting into emails and stealing data and assets.
So, don’t just rely on one email encryption method and stick with it. Always look and read at any news stories concerning data breaches or hacking. Subscribe to good tech sites like Wired.com.
In fact, a good example here is an article from wired in which they argue that using PGP isn’t as secure as it used to be and that users look to more advanced ways of encryption such as Signal.
We hope that all of this has been helpful and given you food for thought!
Get In Touch
If you do want to find out more about email encryption then here at Bandicoot Towers we have a team of experts that will happily talk you through all the options available and the services that we provide.
Please do not hesitate to call us on 01282 506 616 or contact us online here.