I just purchased an iPhone and am trying to set up my email account. After setting up an account, I received a...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
message saying that SSL cannot be activated. What are the security risks of using these account settings? What are my other options?
The Secure Sockets Layer (SSL) provides encryption for TCP/IP connections as they transit the Internet and local networks between a client and a server. In the case of iPhone email, SSL encrypts all of the communication between your phone and your mail server.
Why is this important? There are two very significant reasons. First, checking mail without using SSL means anyone with a device on the same network can eavesdrop on your communications. They can use commonly available tools, such as Wireshark, to read your email as it transits the network.
If you're not concerned about the confidentiality of your messages, there's another important reason to encrypt your email connections: protecting the security of your account. If you don't encrypt your connection to the mail server, it will send your username and password in cleartext on the network. An eavesdropper would then be able to log in to your mail account and send/receive email using your identity.
For these reasons, I strongly recommend that you use SSL-enabled connections for sending and receiving email, not just on your iPhone, but on all devices.
Dig Deeper on Handheld and Mobile Device Security Best Practices
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.