E-mail Encryption

There are several e-mail encryption technologies and solutions. This section explains how e-mail encryption works and describes the technologies available for e-mail encryption. When people refer to e-mail encryption, they often are referring to encrypting the actual e-mail message so that only the intended receiver can decrypt and read the message. However, to effectively protect your e-mails, you should make sure of the following:

The connection to your e-mail provider or e-mail server is actually encrypted.

Your actual e-mail messages are encrypted.

Your stored, cached, or archived e-mail messages are also protected.

Let’s talk about how to encrypt e-mail messages. There are many commercial and free e-mail encryption software programs. The following are examples of e-mail encryption solutions:

Pretty Good Privacy (PGP)

GNU Privacy Guard (GnuPG)

Secure/Multipurpose Internet Mail Extensions (S/MIME)

Web-based encryption e-mail service like Sendinc or JumbleMe

S/MIME requires you to install a security certificate on your computer, and PGP requires you to generate a public and private key. Both require you to give your contacts your public key before they can send you an encrypted message. Similarly, the intended recipients of your encrypted e-mail must install a security certificate on their workstation or mobile device and provide you their public key before they send the encrypted e-mail (so that you can decrypt it).

Many e-mail clients and web browser extensions for services like Gmail provide support for S/MIME. You can obtain a certificate from a certificate authority in your organization or from a commercial service such as Digicert, Verisign, and others. You can also obtain a free e-mail certificate from organizations such as Comodo.