Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Email encryption has gotten so much better, so you'd be crazy not to use it

David Strom | July 23, 2015
I once co-wrote a book on enterprise email where I likened email encryption to a "sucking chest wound." That was in 1997, when you had to do all the encryption key management on your own, a daunting task to say the least.

You administer the gateway via a Web browser, and there are dozens of options to set, similar to the DataMotion product.

Voltage has a zero download client, as they call their software that can be used to exchange messages with someone not on their system. SecureMail is showing its age: to get a new user up and rolling, there are several steps to authenticate and two separate browser pages to click on before you can open the attached message to decrypt and view it. Once you do so, you can continue to reply (and also compose messages) to your correspondents, including those you haven't ever sent encrypted mail to before.

Voltage is not designed to protect against the Silk Road scenario.

The bottom line: While parts of Voltage are showing their age, the overall experience is quite capable, and the add-ons for mobile and Outlook/Office are quite nifty. Like DataMotion, you have a lot of control if you want it. For example, it can be configured to decrypt messages, pass them on to a data leak protection device, and then re-encrypt them before sending the message out.

HP has a one-time perpetual license fee that starts at $55 per user, with discounts for volume purchases. Support and maintenance contracts are extra.

Hushmail for Business

Hushmail has also been around for more than a decade and has a solid hosted encryption solution that is the easiest of the products we tested to setup and use. Once you sign up for the service (there is no free trial), you are given the information you need to change your MX DNS records for your email domain to have Hushmail start hosting your email traffic. You add users and you are ready to go, once the DNS propagates over to the Hush servers, which are located in Canada.

There is no software to install on the client side; all mail is accessed via two ways: First, via a secure webmail client that connects to the Hush servers. This is the only way you can send encrypted emails to someone who isn't part of the Hush network. The webmailer is showing its age somewhat but if you want to get started quickly with using encryption, this has a lot of appeal. The Hush webmail app is responsive and you can use it on your mobile phone browser easily.

The second method is for users fond of their existing email clients, such as Outlook or Thunderbird, and are communicating with other Hush users or others on your own domain. In this situation there is literally nothing for them to do: they make use of their existing client to send an encrypted message. Between the client and the Hush server, mail is encrypted using either SSL/TLS. Once it arrives on the server, it is then encrypted via PGP. They have a detailed explanation about their encryption chain here. You can use either POP or IMAP connections to the Hush servers. This means that message bodies are encrypted end-to-end. Like most of the products, you can't encrypt your subject lines.


Previous Page  1  2  3  4  5  6  7  8  9  10  11  12  13  Next Page 

Sign up for CIO Asia eNewsletters.