There are many steps you can take to ensure that your online activity is secured. As I always say, security is not a one-time thing, nor a one-solution approach. It’s all about layers of protection. One imperative step is email encryption. Below, I reveal why this is important, as well as how to encrypt an email when using one of the popular messaging platforms.
Table of Contents
What is Email Encryption?
Email encryption is a process that will disguise all of the content within the email messages you send to another person. It essentially turns your message into an unreadable code. If someone was to hack into your email, they would not be able to decipher the message. This is imperative when it comes to ensuring that your messages are only read by the intended recipient and no one else! Authentication is commonly a part of email encryption.
Email encryption is not only important for emails that contain sensitive details, such as log-in credentials and financial data. It is also imperative in terms of disguising attachments and making sure that a hacker cannot completely hijack your entire email account.
A lot of people do not realise that email is a vulnerable medium. This is especially the case if you send an email over Wi-Fi, public, or unsecured networks. This is why it is always advisable to use a VPN so you can hide your IP address at all times. I recommend NordVPN as a great all-rounder. Even if you’re at work and you have a secure business network, other users can intercept this, which is why caution is always needed.
With encryption, all of the content of your email will be unreadable while it travels from the origin to the destination. So, even if someone manages to intercept your mail, they won’t be able to determine what the content says!
What Are the Benefits of Email Encryption?
There are a number of key reasons why you should encrypt your email, so I’ll summarise them for you below:
- Protect confidential data – From your banking information to your credit card number, encryption will ensure your private data remains private.
- Protect yourself from identity theft
- Encryption helps people to identify authentic senders – A pivotal step in ensuring you don’t fall victim to spam!
- Nullify message replay possibilities
- Avoid business risks – The last thing any business wants is for their confidential data to fall into the wrong hands.
The Two Main Types of Email Encryption
There are two key email encryption methods that you should know about:
You and the recipient need to use the same method of encryption to ensure that the recipient is able to decrypt the email you send.
So, I’ll talk you through both of these options in more detail…
This email encryption method is in-built in the majority of iOS and OSX devices. If you receive an email that has been sent via an iPhone or MacBook, you may see an attachment with the name “smime.p7s”. This 5-kilobyte attachment is used to verify the recipient of the email, ensuring only the intended person can read the content.
For a recipient to read the email, they must either have received at least one signed email from the sender in the past or be in the sender’s organisation.
So, what are some of the main features of this option?
- It is widely distributed thanks to being part of Outlook and Apple
- It can be difficult to set-up in Gmail and other email clients that are web-based
- Maintenance is simple
- A centralised authority is used to select the encryption algorithm and key size
The other main form of email encryption is PGP/MIME. This differs from the former because it is dependent on a decentralised and distributed trust model. It is a more flexible and low-cost solution, however, it demands third-party tools because it is not widely supported by email clients.
Here are some of the key features of PGP/MIME:
- You can determine how you encrypt your emails and also how well-encrypted the email messages you receive must be
- It doesn’t cost anything to get a certification, whereas you have to buy S/MIME (this will be included in the cost of your Macbook or iPhone)
- It is pretty easy to use with Gmail and other email clients that are web-based
- The recipient needs to have both private and public encryption keys, with the latter being available to the sender
How Do You Encrypt Email Messages in iOS?
The process is really easy with iOS devices, as S/MIME support is in-built as a default setting. So, what steps do you need to follow?
- Head to advanced settings.
- Turn on S/MIME.
- Change “Encrypt by Default” to yes.
- When typing a message, there will be a lock icon next to the recipient. Make sure the lock icon is closed so that the email is encrypted. If the lock is open, simply click on it to close it.
There are two colour codes you need to be aware of with regards to encryption on iOS:
- Red – This means the recipient must turn on their S/MIME setting.
- Blue – The email can be encrypted if the lock is blue.
How Do You Encrypt Emails in Outlook?
As mentioned, Outlook is compatible with the S/MIME protocol. However, some added set-up is needed, which I will talk you through.
- The first thing you will need to do is enable S/MIME encryption. To do this, you are going to need to get a digital ID or certificate from the administrator at your organisation, and then you will need to install S/MIME.
- Once S/MIME has been set-up, you can either sign all messages digitally or encrypt all messages by heading to the gear menu.
- From here, click S/MIME settings.
- Select to add a digital signature to all the messages you send or to encrypt the attachments and contents of all messages.
- If you want to remove or encrypt individual messages, you can choose this by hitting “…” at the top of the message. Select message options. After this, either deselect or select “Encrypt this message (S/MIME).” You will want to deselect the box if the person you are messaging has not enabled S/MIME, otherwise, he or she will not be able to read your message.
How Can You Encrypt Emails in Gmail?
The Gmail app already has S/MIME built into it. However, it will only work if both you and the recipient have it enabled. To enable hosted S/MIME, you need to follow these steps:
- Sign into your Google Admin console
- Click on Apps
- Click on Google Workspace
- Select Gmail
- Choose User Settings
- Navigate to Organizations and choose the organization or domain you want to configure
- Scroll to the S/MIME setting, and check the box that says “Enable S/MIME encryption for sending and receiving emails”
- Choose Save
To use this form of encryption, you simply type your message as you typically would and then select the lock icon, which is located to the right of the recipient. From here, choose ‘view details’ and then you can alter the level of encryption or the S/MIME settings.
There are three colour codes you need to be aware of with regards to encryption on Gmail:
- Red – This email does not have any form of encryption security.
- Grey – This email is protected with Transport Layer Security (TSL). This will only be effective if you and the receiver have TLS capabilities.
- Green – S/MIME encryption protects the information, and a private key is needed for the decryption.
How Do You Encrypt an Email on Your Android Device?
You have a number of options available to you when encrypting an email on Android. These are as follows:
For PGP/MIME, both a keychain and email app are required. This approach demands a bit more of your attention during set-up, yet you don’t need to get a digital signature from someone in advance to send them encrypted messages.
I recommend using OpenKeychain for this. It is a free and straightforward keychain tool, which can be used to store other people’s PGP public keys and certifications.
Using OpenKeychain, you can create your own private and public keys. Simply enter your name, email address, and passwords, and these keys will be generated for you. You can also import an existing key if you have one.
You can also use the app to search for other people’s public keys online so that you can send an encrypted messaged to them. Once you have added a public key to your keychain, you can save it so it can be used more conveniently later.
Using OpenKeychain in an email app is easy. Simply go to the settings on the app, and choose OpenKeychain as your default provider for OpenPGP. The process will differ based on the app you’re using, but it should not be too difficult!
The CipherMail App
Another option is to use the CipherMail app. With this app, you can receive and send S/MIME encrypted mail using the default Gmail application, as well as K-9 and a few other third-party apps.
How to Choose an Email Encryption Tool
A final option is to use an email encryption application. With so many options and complicated technology to contend with, navigation through the encryption tools available today can feel overwhelming. Legacy approaches for encryption are complex, making it difficult to securely manage, update, and use keys. Modern tools, on the other hand, simplify encryption demands.
The key to locating the right encryption tool for you is to search for software that will protect your email messages and any attachments while also offering other features designed to help you reach your security goals, including granular audit and access control.
The best email encryption applications
There are plenty of options available on the market, and some of my favourites are as follows:
The first email encryption tool that I recommend is Proofpoint Email Encryption. This is a great option if you’re looking for something that is easy and convenient. All messages and attachments will be encrypted automatically. This means you do not need to manually encrypt your messages.
You can expect encryption features that are powerful and policy-driven. I personally think this is a great tool for reducing risks relating to corporate policy violations, data loss, and regulatory violations.
If you require sensitive data security to be protected yet accessible to the appropriate end-users, business partners, and affiliates, I would recommend Proofpoint Email Encryption. It is available on mobile and desktop devices, and it comes with some great added extras, including granular control and streamlined storage.
Tutanota is another tool that is worth considering. This is an email encryption service that has both a paid and a free version available. The free tool is good for personal use. However, if you’re looking for encryption software for business use, you will definitely need the fully-featured, paid option.
With the basic account, you will get one secure email account. You won’t need any personal data to access the anonymous email account. IP addresses are not logged. They are removed from every email communication. All of the content, attachments, and the subject are encrypted. The user is the only person who can decrypt the data and access it.
Another feature of Tutanota is the address book, where all of your contacts can be imported with security and confidentiality.
Another encryption tool I rate highly is Micro Focus SecureMail On-Premises. This is an end-to-end email encryption tool that is widely used in maintaining Personal Health Information (PHI) and Personally Identifiable Information (PII) in a private and secure manner.
Identity-based encryption is one of the main features of this tool. This allows organisations to make the most of secure communications without any software needing to be downloaded. You can send information through the use of unique private keys even if the receiver is offline.
My final recommendation is Symantec Gateway Email Encryption. This solution secures all email communications. It acts as a firewall from unauthorised access over the public Internet, irrespective of whether or not the recipient is using any sort of encryption tool. This means that individuals and businesses can lower the chance of a data breach.
If the recipient does not own any encryption software, web email encryption will be used. To ensure secure communication between the recipient and the sender, the receiver will get an email that contains a link to a web portal. The individual needs to log into the portal to access the email, ensuring ultimate security, as communications are occurring within an environment that is encrypted.
One of my favourite elements of Symantec Gateway Email Encryption is the PDF email protection. All PDF attachments are encrypted. The recipient can only access the information with a user-defined password. This is perfect if you are sending a secure email and you do not require a response.
So there you have it: some of the different approaches you can use to encrypt your email messages. I really cannot stress enough just how important this is! Emails are not as secure as people like to think. They’re regularly intercepted when people do not use secure protection methods, such as encryption and VPNs. This is why you need to make a dedicated effort to ensure all of your communication is secure.