Different types of e-mail encryption and their benefits

Millions of e-mails are sent around the world every day. Emails are sent from server to server and are temporarily stored in the process. If they are unencrypted, attackers can read them on every server. E-mails can also be intercepted by criminals on their way from one server to another and their content can be falsified. Neither the sender nor the recipient will notice anything.

E-mails with sensitive information should therefore be encrypted. During encryption, readable information (plain text) is converted into its illegible counterpart (ciphertext). The ciphertext can only be made readable again with the help of a suitable key.

Why is it important to encrypt your e-mails?

When you send a letter to someone you know, you hope that he or she is the only one who reads it. But a lot can happen to that letter while it’s in transit, and curious people might try to read it. That’s why we send important messages in a sealed envelope and not on the back of a postcard. Sending and receiving e-mail works in a similar way. When you send or receive messages through an e-mail provider that does not transmit messages over a secure connection, attackers could view your e-mails. Anyone can read unencrypted e-mails: not only the e-mail provider that evaluates e-mails for personalized advertising, but also secret services, police and criminals who are interested in your data, regardless of whether the mail concerns a private or a business matter.

Encrypted communication prevents unauthorized third parties from reading it and thus guarantees confidentiality. It also protects data, whether text, video, picture or voice messages, from criminals, competitors or data collectors. Encrypted e-mails are also not easily visible to your own employer or colleagues from the IT department. And encryption also protects you if a mishap does occur and an e-mail is accidentally sent to the wrong recipient.

Once trade and business secrets have been disclosed or personal information has been intercepted and copied, the financial damage and the loss of reputation for a company can hardly be foreseen and may even threaten its very existence. The legal consequences under private and criminal law should not be underestimated either: violated confidentiality obligations and personal rights can result in claims for damages, fines, disciplinary measures and, in the worst case, even prison sentences.

Different types of e-mail encryption

Basically, a distinction must be made between two types of e-mail encryption: encryption in transit and end-to-end encryption. Below we discuss the key differences.

In-Transit encryption or Transport Layer Security (TLS)

Encryption with Transport Layer Security (TLS) prevents others from intercepting and reading your message in transit. TLS is a protocol that encrypts and securely delivers e-mail, and that applies to both incoming and outgoing e-mail traffic. It helps prevent eavesdropping between email servers, keeping your messages private while in transit between email providers. TLS is increasingly being embraced as the standard for secure email.

But your messages are only encrypted if you and the people you e-mail with are using e-mail providers that support Transport Layer Security. Not all e-mail providers support TLS, and if you send or receive messages from such a provider, your message is not secure from eavesdroppers.
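To see which hops of a delivered message actually used TLS, the `Received` headers can be inspected. The following is an added example, not part of the original article: it assumes the servers record the RFC 3848 `with` keywords (`ESMTPS`, `ESMTPSA` and so on), and the sample message and host names are constructed.

```python
import re
from email import message_from_string

# Constructed sample: three hops, newest Received header first (reserved example names/IPs).
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
    by store.recipient.example with ESMTPS id c3; Mon, 06 Jan 2025 10:00:03 +0000
Received: from out.sender.example (out.sender.example [198.51.100.7])
    by mx.recipient.example with ESMTP id b2; Mon, 06 Jan 2025 10:00:02 +0000
Received: from laptop.sender.example (laptop.sender.example [203.0.113.5])
    by out.sender.example with ESMTPSA id a1; Mon, 06 Jan 2025 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed test message

Hello Bob
"""

# "with" keywords from RFC 3848; the S / SA variants mean the hop used STARTTLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
PLAIN_PROTOCOLS = {"SMTP", "ESMTP", "ESMTPA", "LMTP", "LMTPA"}

def _field(keyword, text):
    """Return the token following a Received clause keyword, or None."""
    m = re.search(rf"\b{keyword}\s+([^\s;]+)", text, re.IGNORECASE)
    return m.group(1) if m else None

def trace_hops(raw_message):
    """Return the hops in chronological order with a TLS status for each."""
    msg = message_from_string(raw_message)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())          # undo header folding
        proto = (_field("with", flat) or "").upper()
        if proto in TLS_PROTOCOLS:
            status = "tls"
        elif proto in PLAIN_PROTOCOLS:
            status = "plaintext"
        else:
            status = "unknown"                  # missing or non-standard keyword
        hops.append({"from": _field("from", flat), "by": _field("by", flat),
                     "protocol": proto or None, "status": status})
    return hops

def unprotected_hops(raw_message):
    """Hops that were not provably protected by TLS."""
    return [h for h in trace_hops(raw_message) if h["status"] != "tls"]

if __name__ == "__main__":
    for hop in trace_hops(SAMPLE):
        print(f'{hop["from"]} -> {hop["by"]}: {hop["protocol"]} ({hop["status"]})')
```

`Received` headers written by servers you do not control can be forged, so treat the result as a diagnostic for your own infrastructure rather than as proof.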

End-to-End encryption

While TLS only provides encryption between individual users and service providers, end-to-end encryption (E2EE) encrypts communication directly between the users of a system. Only the sender and recipient can read the e-mail in clear text, provided they have the necessary key. The e-mail providers involved cannot read the e-mail, and potential attackers have no opportunity to manipulate it in transit. This means that only this technology fulfills the three objectives of encryption on the Internet: confidentiality, authenticity, and integrity.

Difference between TLS and E2EE

With end-to-end encryption, a plaintext message that you send is encrypted at your end and decrypted only after reaching the recipient’s device. With TLS, however, a plaintext message is encrypted at your end and decrypted at the server. Whether the message is encrypted again from there depends on whether or not the recipient is also using TLS.

Encryption in transit does solve the main problem: the interception of data in transit from user to server and from server to user, which is the most dangerous part of a message’s journey. Therefore, not all organizations are rushing to adopt end-to-end encryption.

How we can help

At IRIS Nederland we take information management seriously. Information is the source of every organization and therefore requires intelligent, future-proof solutions which meet the needs of organizations and their users. We have kept that promise to our customers for over 20 years now. Whether you are looking to implement a new document management solution or any other information management solution, we have the experience to support you with such a project from start to finish.

Get in touch with us if you want to know more about how our solutions and services can make your organization work more efficiently, securely and smartly.

About the author

Rachelle Beugels, Marketeer