Introduction
Many people still seem to think that sending an email is secure—that only they and the person receiving the email can read it. However, nothing could be further from the truth. Without you doing something on purpose, sending email (and any attachments) has the same security as sending a postcard in the US mail. Almost anyone with server access could read it.
Email has now been in use for over 50 years, and from its humble beginnings it was never developed with security in mind (sadly, the same is true of many technical products to this day). Email’s main goal was to let people send messages at a time when such communication was otherwise next to impossible. Although email is ubiquitous today, what gets sent via email is much different, and often much more personal, than in the past.
Email’s missing security should concern you, since most people who ask you to email some document have no idea that possibly sensitive information you’re sending could bounce around the Internet unprotected from prying eyes. That email could be stored on multiple servers en route, read by any administrator, etc., before finally making it to the destination (think: doctor, lawyer, bank, and other non-technical people who may innocently ask you to email something extremely private). Unless you do something on purpose to safeguard your email, or you know you’re using an encrypted email service, your email is sent in plain text that’s easy to read.
So, what to do?
Use a Third-Party Email Service to Encrypt Your Emails
One solution would be to use a service like ProtonMail, which encrypts emails and keeps emails encrypted on ProtonMail’s email servers. If both the email recipient and email sender have ProtonMail accounts, your emails are always encrypted. The shortcoming with this approach is that, however trusted ProtonMail may be, they have the “keys” to your emails. So, in theory, however unlikely, they could read your email. Although it’s still much better to have encryption from a third party like ProtonMail than none at all, letting another company control the keys to your email carries the same inherent risk with any third-party email company you pick.
Set Up Your Own Encryption
A more secure solution is to set up your own encrypted emails. Most popular email clients like Thunderbird, PostBox, MacMail, and even Outlook (on the PC only, currently) support PGP either directly (Thunderbird) or using a plug-in. Plug-ins are either free (Thunderbird, PostBox) or inexpensive (MacMail and Outlook). Check with your current email client to see how (and if) it supports PGP.
PGP (“Pretty Good Privacy”) is an email encryption method in which you generate a public key and a private key for each email account you want to secure (Note: you can use PGP outside of email, too). You never need to share a password. You then share your public key, as described below, so that others can send you encrypted emails.
To set up encrypted emails, you start by creating a “keyring”. For each email account you have, you create a “key pair”. A key pair has a public key and a private key. The keyring is a software construct (a file on your computer) in which you store your public and private keys (you NEVER share your private key with anyone) and public keys you have imported for other people. The key manager software creates public and private keys for each email address. If your email program supports PGP, it should automatically work with a key manager. Then, once you’ve created the keys in the key manager, you can use them to send encrypted emails.
Normally, all you need to do is enter the email address in the “TO” line of an email and click “encrypt” (or similar, depending on the email program) and the email program will find the public key (in your keyring) of the person you are emailing and encrypt the email automatically when you send it.
Since many emails don’t need to be encrypted, encrypting an email is always optional. You decide which emails to encrypt and which not to encrypt.
Sharing Your Public Key and How to Send Encrypted Emails Back and Forth
To understand what’s really going on, here’s the flow: for person A to send an encrypted email to person B, person A has to first import person B’s “public” key into his keyring (you NEVER share your private key). Then, person A creates an email and encrypts the email to person B using person B’s public key. Finally, person A sends the encrypted email to person B. When person B receives the encrypted email from person A, person B’s email program uses his private key (again, from the keyring) to decrypt and display the message that person A encrypted using person B’s public key.
Key point: The private key undoes the encryption the public key creates.
Note that many email programs will automatically know when you enter the email address, in this case for person B, that there is a public key available for person B and fill it in for you.
Similarly, for person B to reply to person A, person B would also have imported Person A’s public key.
Unless a key has an expiration date (an option when setting up the key-pair), you only need to import a person’s public key once.
Also, it’s perfectly acceptable to ask for someone’s public key to send a secure (encrypted) email.
There are also online public key repositories where some people store their public keys. You can also store your public key on your website. It’s public. A key benefit with PGP is there is no password sharing needed.
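The flow described above, shown with the GnuPG command line as an added example (not part of the original article). Two temporary keyrings stand in for person A and person B; the address b@example.test and the message text are constructed, and the key is created without a passphrase only so the demo runs unattended.

```shell
#!/bin/sh
# Added example: two throwaway keyrings play person A (sender) and person B (recipient).
# b@example.test and the message text are constructed sample values.

pgp_roundtrip() (
  status=0
  a=$(mktemp -d); b=$(mktemp -d); work=$(mktemp -d)

  # B creates a key pair. The empty passphrase is only to keep the demo unattended.
  gpg --homedir "$b" --batch --quiet --pinentry-mode loopback --passphrase '' \
      --quick-generate-key 'Person B <b@example.test>' default default never 2>/dev/null

  # B exports ONLY the public key; the private key stays in B's keyring.
  gpg --homedir "$b" --batch --armor --export b@example.test > "$work/b-public.asc"

  # A imports B's public key and encrypts to it. --trust-model always skips the
  # ownership check for the demo; in practice confirm the key fingerprint with B first.
  gpg --homedir "$a" --batch --quiet --import "$work/b-public.asc" 2>/dev/null
  printf 'account number: 0000 (constructed)\n' |
    gpg --homedir "$a" --batch --quiet --trust-model always --armor \
        --encrypt --recipient b@example.test 2>/dev/null > "$work/msg.asc"

  # A has no private key for B, so even the sender cannot decrypt the message.
  if gpg --homedir "$a" --batch --quiet --decrypt "$work/msg.asc" >/dev/null 2>&1; then
    echo "unexpected: decrypted without B's private key" >&2
    status=1
  fi

  # B's private key undoes the encryption made with B's public key.
  plain=$(gpg --homedir "$b" --batch --quiet --pinentry-mode loopback --passphrase '' \
              --decrypt "$work/msg.asc" 2>/dev/null) || status=1

  # Stop the per-keyring agents and remove the temporary keyrings.
  gpgconf --homedir "$a" --kill gpg-agent 2>/dev/null || true
  gpgconf --homedir "$b" --kill gpg-agent 2>/dev/null || true
  rm -rf "$a" "$b" "$work"

  printf '%s\n' "$plain"
  exit "$status"
)

# Prints the text that person B recovers.
pgp_roundtrip
```

The file `b-public.asc` is the only thing person B hands over; it is the same kind of file you would attach to an email or publish on a website.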
Limitations
The challenge with encrypted email is that both the sender and the receiver must have shared their public keys. Therefore, to send/receive encrypted email with someone, you must have already set up PGP (creating your public and private keys for your email accounts and importing any public keys from people to whom you wish to send email). You can’t simply send an encrypted email using PGP to someone who has not shared their public key with you.
Another issue is that if you ask many people for their public key, they won’t have any idea what you’re asking them. You can try to explain what you are trying to do to secure your email, but you might only hear silence.
In cases where people have no idea what PGP encryption is, as mentioned above, you could try to use ProtonMail or a similar service. Using a third party company is still better than sending a totally insecure email. However, it may again be the case where the recipient does not use a third-party email encryption solution.
Another even less desirable option would be to send a password-encrypted zip file or similar. However, note that sending anything “password-protected” means you must share the password, which is the inherent problem PGP solves. With PGP, you freely share your public key. If you send a password using some other non-PGP method, then you must share that password. This old-style password approach is not secure, since the password could be intercepted, making your email readable again. Or, to share the password, maybe you call the person on the phone to say what the password is. Your (cell, VOIP, …) phone could be intercepted, too.
So, if all else fails, see if the recipient (the person who is asking you to send sensitive information in unprotected email) has a “portal” (a secure website you could log into) backed by HTTPS and then securely upload any documents.
The good news is that finding people who understand and use encryption is not as difficult as you might think, and securing your personal and business data is well worth the effort.
Conclusion
Setting up secure email is often important for individuals and for businesses. Ask yourself if “this email” you’re about to send would be OK to print on a US postcard and drop in the US Mail in plain unprotected text. If you answer “no”, then you need to do something “on purpose” — like setting up encrypted email. There are plenty of “how-to” guides online that walk you through setting up PGP email (aka, GPG) for various email clients.
The workflow described above may sound complicated, but once you get PGP set up, and understand how it works, using it is simple and unobtrusive.
With any of the approaches above, even PGP, there is no guarantee what the recipient will do with your data once he decrypts your email and has your original, unencrypted, document(s). Thus, there is always the decision whether something should be emailed (sent) … at all.
Finally, as quantum computers reach higher and higher qubit counts, we will probably soon need quantum-safe encrypted email. More on this topic in a future article.
Enjoy!