Picking Your Way Through the Mime Field
We’re a professional software security consultancy and experienced software developers. Almost 10 years, one of our partners proposed that we develop a utility to encrypt Microsoft Outlook email messages. A prototype was developed – but an interesting thing happened when we started talking to potential beta customers – lawyers who had sensitive client information and technology development companies who have valuable intellectual property that they need to protect.
When we asked senior executives what they thought about encrypted email – the answer was universally – “We don’t really care”
Fast forward 10 years and the situation has changed dramatically. We routinely counsel clients to carefully read the terms and conditions of their cloud email service providers. For this reason we generally recommend to our medical and healthcare customers not to use Microsoft Skydrive due to their problematic privacy policy.
Today – encrypted email is an option you must consider.
Google Does What?
Online security in particular email security just got a whole lot more interesting with Google’s revelation that it does read emails it handles. Apparently Google have stated this fact in their submissions to hopefully dismiss a class action lawsuit that accuses them of breaking wire tap laws. I have always maintained that writing to someone via email is akin to writing them a postcard. The content of the email just like a postcard can be read on route. Now it’s a bit of a stretch of the imagination to think of the Post Office having someone read all of our postcards that we send but we still would not write to a friend of colleague about private matters on a postcard. We would seal it in an envelope.
Google in their defense of their position regarding the reading of our emails say; “Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s ECS (electronic communications service) provider in the course of delivery.” Using this analogy fails to acknowledge the fact that when an assistant opens their bosses mail they do so with the prior consent of their boss and they are subject to confidentiality agreements, if not specific most certainly implied by their position. Google on the other hand can make no such claim, because they explicitly then share that scanned information with the National Security Agency’s (NSA) under the provisions of the Patriot Act. Privacy does not exist when communicating by email, if this is news to you and you want to do something about it today read on.
Sealing Your Email
If you want to continue using email to send your private communications via any web-based communication service you are going to have to make use of encryption. Now this isn’t the time to stop reading because you think I can’t be asked to learn all about that malarkey. Modern email encryption can be extremely easy take a look at Egress Switch. It’s not like back in the day, when both sender and recipient needed to have bought into the same product, nowadays you can send a friend an encrypted email without having to have previously set the whole thing up!
Where Do I Sign-up?
Finding the right product for you is important; if you are looking for a corporate solution for private messaging and encrypted mail then it becomes a little more involved.
Software Associates are an experienced IT security consultancy with top flight consultants and has been operating since 2003 serving large publicly traded companies and small startups with the same care and highest level of attention to providing cost-effective security countermeasures.if you don’t mind corporate America and big brother reading all of your mail do nothing, however if that’s not how you want things to play out you need to adopt email encryption right now!