How to Secure Emails Smartly
Email Security:
Email is inherently not secure since SMTP does not encrypt messages. Messages sent through SMTP contain information about the computer that it sent from, and the email program that was used. The POP and IMAP protocols do not encrypt the username and password you used to login. The email messages you send may be saved unexpectedly and indefinitely and may be read by unknown persons as a result.
How Emails Works?
Emails follow the simple post office methodology while sending the emails. Computers are like “post offices”, and the “Simple Mail Transport Protocol” (SMTP) is the “procedure” which an “email post office” uses to figure out where to send the letter next. An email program like Outlook or Thunderbird talks to the server directly using SMTP. Web-based interface like GMail or Yahoo! Communicate with the Internet using HTTP. In case the sender’s server cannot contact the recipient’s server directly, it tries to contact the backup servers and even if that isn’t successful, it queues the message and tries again later.
There are really only 2 languages that email computers understand for message retrieval- Internet Message Access Protocol (IMAP) and Post Office Protocol (POP). The email client programs talk directly to the server using IMAP or POP whereas the webmail clients talk to the server using HTTP and the server replies in POP or IMAP.
So, How I Can Secure My Emails?
To secure your emails, take the basic precautions as explained below.
- To make an email secure use a secure email client like Bat, Thunderbird, or even Outlook Express.
- Read email in plain text and do not open an attachment especially if it is a .exe file.
- Use free webmail accounts for subscriptions and postings and when spam does start getting through dump that address and get a new one.
- Use additional multi-layered defenses like anti spyware/ adware to scan your system for Trojans that have crept through and a firewall that will prevent unauthorised applications from connecting to the Internet.
You can make Outlook Express (or any mail client that supports S/MIME) provide encryption, if you have a Digital certificate, but it is expensive for users of personal email.
What is PGP (Pretty Good Privacy)?
Pretty Good Privacy, originally created by Philip Zimmermann in 1991 provides cryptographic privacy and authentication to increase the security of email communications. It supports message authentication and integrity checking. There is no known method, which will allow a person or group to break PGP encryption by cryptographic or computational means.
Various Services to Increase Email Security:
There are many services, which are currently in use in the market to prevent email spam, spoofing, and other email security threats. The below listed services are popularly known for its effective security measures and its features.
Google Postini Services:
Filters out all messaging threats like spam and viruses before they reach the network. It also helps to stop phishing, denial of service (DoS), spam, directory harvest attacks (DHA), viruses, and other attacks. Even if your email servers go down with spooling guarantees email arrives. 99.99% availability for message processing and has a tremendous capacity to handle billions of transactions a day.
Sophos Security and Data Protection:
Relies on remotely monitored, managed appliances, offers easy-to-use protection for groupware (including Microsoft Exchange and Lotus Notes) and UNIX gateway protection. Offers best protection and high performance with Sender Genotype technology and SXL real-time updates since they have been included in their email solutions. Receive free, constant, automatic SophosLabs™ updates, upgrades for new releases, and gain access to a 24/7 in-house technical support with no hidden costs.
Webroot E-Mail Security SaaS:
Blocks spam efficiently. Protects against backscatter and prevents from disturbing images. Helps in neutralizing Distributed Denial of Service (DoS) attacks, and terminates Directory Harvest Attacks (DHA).
VIPRE AntiVirus + AntiSpyware:
Does not slow your computer down like older traditional anti virus programs while still providing high performance security. It also delivers comprehensive security against today’s blended malware threats for email protection, highly complex viruses, and spyware.
Sonic WALL Email Security:
Offers protection against both inbound and outbound viruses and spyware. It also includes several templates and databases. It comes with SonicWALL’s Time Zero Virus Technology, which uses heuristic statistical methodology and virus outbreak responsive techniques. Ability to prevent DHA (Directory Harvest Attack), DoS (Denial of Service) attacks, and provides zombie detection to check whether your computer is a part of a botnet.
McAfee Email Security Service:
comprehensive e-mail filtering is provided and it is compatible with all e-mail platforms. Web-based interface helps you configure your policy, manage the users from an administrator’s point of view, review quarantines, and display reports.
eCipher Pro-Easy Email Encryption:
Encrypt email and attachments. Works with standalone email programs like Microsoft Outlook™, Thunderbird™, Eudora™ and other email clients. Not just that it also works with Gmail™, Yahoo! Plus™, AOL, Comcast, Mac and other webmail accounts.
Outlook Email Security Update:
Meant for Outlook 98 and Outlook 2000. Enable to disable many features that allow viruses to spread easily. In Microsoft Exchange Server environments, administrators can customize the security settings whereas in Outlook 2002, end users can allow access to particular file attachment types that the security features normally block.
Network protection from SmoothZap:
Incorporates MailShell spam detection software that detects 99% of spam email. Analyzes email based on its content, sender reputation and unusual formatting, which are characteristic of spam. Viruses are blocked at the network perimeter, on the firewall, rather than on the mail servers and user PCs. Using SmoothZap as a mail relay provides a layer of isolation between any mail server and the Internet, with no directly open ports between the two. Spam and virus levels are recorded and analyzed as percentages of overall email. Automatically take BCC (Blind Carbon Copy) of both incoming and outgoing email so that an archive of all email is kept.
Shortlist the email security services based on your requirements. Parameterize your required features and cross verify based on your specifications. You can get back to us, for any help on this.
Very cool web site!! Bookmarking your blog.
Thank you for sharing.