Recently I read about someone who sent their credit card information over email to purchase something. Naturally, I was shocked. Come to find out he thought email was secure…and in talking to online store vendors many people think email is secure.
It is not.
Logging onto email programs such as Yahoo! is somewhat secure. The login page is unsecure (http: not https: ) which means there is no guarantee that the Yahoo page is really from Yahoo; but if it is, the user name and password are submitted to Yahoo using SSL security (provided your browser is equipped to use SSL – IE, Opera, and Firefox are). BUT, once logged in, sending and receiving emails is not secure.
There are ways of sending and receiving encrypted emails.
A hushmail (free or paid web-based email like gmail or yahoo) user, for example, can send/receive encrypted email to another hushmail user (or PGP user), no problem – the login and the email itself are fully secured. If the recipient’s email is unsecure and you wish to send a secured email, hushmail has an option to ask a question and give an answer for the recipient. If answered correctly the recipient can view the email.
There are add-on programs for email programs such as Outlook that have encryption capability. For example, PGP (pretty good privacy – an encryption technique) can be added on to Outlook so anyone else with PGP (or hushmail user) can send/receive encrypted email.
Large companies use a private network and their own mail servers so intercompany email can be encrypted – but if it leaves the company’s network it is either unencrypted or would require the recipient to have an encryption scheme (like PGP).
One of the benefits of using a totally secure email is you can use it in a public place, such as an airport or coffee shop, and not get snooped.
We use encrypted email for business and generally unencrypted for personal.
Doug
Yeah, encrypted email is great for businesses. The only problem with using encryption ONLY is it may protect your email during its travels but it will not protect it once it reaches its destination. Read this article in the Seattle Times about Taceo which is an email anti-theft security software that not only encrypts emails for sending and receiving but it also has features that disallows printing, copying, editing or forwarding of email and email attachments.
This tool would be ideal for business so that they don’t suffer anymore losses in IP and company assets. *cough cough* AOL *cough cough*
Good point! I saw an article in Wall Street Journal that spoke of email that has a finite lifetime – down to 10 minutes – before it self-destructs. And it cannot be copied, edited, etc.
I’ve heard of companies that will not use email. Period. Pretty drastic.
I believe *eventually* targeted email will be the norm.
Doug