ENCRYPTION FOR EMAIL
Most technology tools and services must have something added to make them encrypted. For example, HyperText Transfer Protocol (HTTP) does not become protected until the security (the SSL) is added, making it HTTPS. Anything you send via email is typically in plain text and is readable by any intermediary. It’s only if you scramble the data (or encrypt it) that it becomes secure between source and target or sender and recipient.
Google and Apple recently started encrypting their email traffic internally, but that only protects email messages within their domains (i.e. if you are messaging someone without an @gmail or @mac email address, it will still be sent in plain text).
EVERY MEASURE COUNTS
We can’t make information 100 percent secure 100 percent of the time. However, if you are transferring client data (such as the Social Security information for 26 million American citizens), an encrypted container will likely obfuscate the true value of the data and prevent 99 percent of intruders who might try to open it if lost or stolen. If you practice encryption by default and work it into your routine, you never have to worry about whether you “locked” the data. It will always be locked.
Within the legal world, reasonable steps can be taken to enable a level of security that far surpasses the needs of most clients. What tools are easy to implement and use?
- At the most basic level, install Virtru into FireFox or Crome, and enable secure email messages through your webmail. It’s free, and you can start using it with three clicks.
- You can easily encrypt attachments using WinZip software. This is not as secure as other tools, but it is popular and easy to implement.
- Pretty Good Privacy (PGP) is the most widely used encryption program, and it is easy to use. You can learn the free version at gnupg.org or pay for the easier to use commercial version at pgp.com
- Two other great tools include Password Safe (originally developed by the rock star of cryptography Bruce Schneier) and Microsoft Bitlocker.
There’s an entire community of development around encryption, and new advancements are on the rise. It’s time to implement proper encryption practices. The software is available, free (or a nominal cost) and easy to use. What are you waiting for?
Author’s Note: This article was originally published by ILTA’s Peer to Peer Magazine in November 2014.