There are several e-mail encryption technologies and solutions. This section explains how e-mail encryption works and describes the technologies available for it. When people refer to e-mail encryption, they are often referring to encrypting the actual e-mail message so that only the intended recipient can decrypt and read it. However, to effectively protect your e-mail, you should make sure of all of the following:
The connection to your e-mail provider or e-mail server is actually encrypted.
Your actual e-mail messages are encrypted.
Your stored, cached, or archived e-mail messages are also protected.
Let’s talk about how to encrypt e-mail messages. There are many commercial and free e-mail encryption software programs. The following are examples of e-mail encryption solutions:
Pretty Good Privacy (PGP)
GNU Privacy Guard (GnuPG)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Web-based encryption e-mail service like Sendinc or JumbleMe
S/MIME requires you to install a security certificate on your computer, and PGP requires you to generate a public and private key pair. Both require you to give your contacts your public key before they can send you an encrypted message. Similarly, the intended recipients of your encrypted e-mail must install a security certificate on their workstation or mobile device and provide you their public key before you can send them an encrypted e-mail; in turn, they need your public key to send you an encrypted reply that you can decrypt with your private key.
Note
Chapter 5, “Fundamentals of VPN Technology and Cryptography,” introduces the concept of private and public keys and how they work.
Many e-mail clients and web browser extensions for services like Gmail provide support for S/MIME. You can obtain a certificate from a certificate authority in your organization or from a commercial service such as DigiCert, VeriSign, and others. You can also obtain a free e-mail certificate from organizations such as Comodo.
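The S/MIME exchange described above (recipient holds a certificate and private key, sender encrypts to the recipient's certificate, only the recipient's private key decrypts) can be walked through with the openssl command-line tool. The script below is an added example, not from the book or any of the products named in this section; it assumes openssl is installed, generates a self-signed certificate for a constructed recipient "alice@example.test" in a temporary directory (in practice the certificate would come from a CA as described above), and uses a constructed one-line message.

```shell
#!/bin/sh
# Added example: the S/MIME encrypt/decrypt flow with the openssl CLI.
# "alice" is the recipient; her certificate is the public half that a sender
# needs, her private key is the only thing that decrypts. All names,
# the temp directory and the message text are constructed for this demo.
set -eu

WORK=$(mktemp -d)

# Step 1: the recipient creates a private key and a certificate.
# Self-signed here for the demo; a CA-issued certificate would normally be used.
make_recipient_identity() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=alice@example.test/emailAddress=alice@example.test" \
        -keyout "$WORK/alice.key" -out "$WORK/alice.crt" >/dev/null 2>&1
}

# Step 2: the sender, holding only alice.crt (the public key), encrypts the
# message to it. The content is protected with AES-256; the content key is
# wrapped for alice's public key inside the S/MIME structure.
encrypt_to_recipient() {
    printf 'meet at noon\n' > "$WORK/plain.txt"
    openssl smime -encrypt -aes256 -in "$WORK/plain.txt" \
        -out "$WORK/cipher.eml" "$WORK/alice.crt"
}

# Step 3: the recipient decrypts with her private key and prints the text.
# S/MIME canonicalises line endings to CRLF, so strip CR for a clean compare.
decrypt_as_recipient() {
    openssl smime -decrypt -in "$WORK/cipher.eml" -inkey "$WORK/alice.key" \
        -out "$WORK/recovered.txt"
    tr -d '\r' < "$WORK/recovered.txt"
}

# Negative check: a private key that does not match the certificate the
# message was encrypted to cannot decrypt it. Returns 0 when decryption is
# (correctly) refused, 1 if it unexpectedly succeeds.
decrypt_with_wrong_key_fails() {
    openssl genrsa -out "$WORK/other.key" 2048 >/dev/null 2>&1
    if openssl smime -decrypt -in "$WORK/cipher.eml" \
        -inkey "$WORK/other.key" -out /dev/null 2>/dev/null; then
        return 1
    fi
    return 0
}

# Run the full exchange when executed directly.
make_recipient_identity
encrypt_to_recipient
echo "recipient recovered: $(decrypt_as_recipient)"
decrypt_with_wrong_key_fails && echo "non-matching key correctly rejected"
```

The ciphertext file `cipher.eml` is a complete MIME entity (`Content-Type: application/pkcs7-mime`) that a mail client would carry as the message body; inspecting it with `openssl smime -pk7out -in cipher.eml | openssl pkcs7 -print` shows the recipient identifier and wrapped content key without revealing the text.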