In order to send e-mail over the Internet and still be sure it is private, secure and remains confidential you...
will need to provide digital certificates for your staff and your customers. Digital certificates allow e-mails to be digitally signed, encrypted and sent using S/MIME (Secure Multi-Purpose Internet Mail Extensions). Digitally signed e-mail and encryption will solve your issues of:
- Unsecured backups
S/MIME has become the standard method for sending secure e-mail, and most of the major e-mail programs, including Outlook, Outlook Express and Netscape Messenger support it. Using S/MIME is fairly straight-forward, particularly because you and your customers won't need to use the same S/MIME-compliant e-mail program, though browser-based e-mail accounts such as Hotmail don't support S/MIME.
When you send a digitally signed message, your digital certificate is sent along with it so your customers can use the certificate to verify that the message is from you and has not been modified. They can then use your public key, stored in the certificate, to encrypt a reply that only you can read it. This is done by decrypting the message with the corresponding private key installed on your machine. Likewise, if you wish to send an encrypted message to a customer, you must first obtain their digital certificate in order to be able to use their public key to encrypt the message so that only their private key can decrypt it. It is this aspect of secure e-mail communication, which can make it impractical if you want to send encrypted messages to thousands of customers. If your organization runs Windows server 2000 or 2003, you can use the free Microsoft Certification Authority, which can issue certificates for your staff and customers, but you will need to explain how they use the digital certificate that you issue to them. It is also important to remember that although S/MIME e-mail is securely transmitted once it is decrypted and read by the recipient, it can be copied or printed without limit, so you will still need to consider the nature and sensitivity of an e-mail's contents before sending it.
Dig Deeper on Email Security Guidelines, Encryption and Appliances
Related Q&A from Michael Cobb
A web shell from the JexBoss security tool was used to exploit servers through an unpatched JBoss vulnerability. Expert Michael Cobb explains how to ...continue reading
The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the ...continue reading
An old Java vulnerability was discovered to have been ineffectually patched. Expert Michael Cobb explains how this happened and what can be done to ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.