One Weird Trick to Protect Your Company Email

David Baggett
Published in Ink Different
Jul 26, 2016

Once upon a time, companies ran their own email servers, which was frankly a huge pain, requiring dedicated IT staff who knew the “black arts” of email — things like the care and feeding of complex mail processing systems and ensuring “deliverability” so outgoing mail didn’t end up in recipients’ spam folders.

These days, it’s easy to offload this work to another provider by moving company email into the cloud. Instead of doing battle with mail servers, you just sign checks and install apps. Sounds great, but buyer beware!

Ceding control of your corporate email to a third-party provider is handing over the kingdom’s top assets. Your email contains the firm’s most sensitive information: deal documents, strategic discussions, personally identifiable customer information — everything you don’t want other people reading. And it’s all discoverable in a legal proceeding because email is an archival trove.

What really happens when a third-party vendor — call it GoogoSoft — hosts your corporate email?

GoogoSoft stores all your mail for you. Obviously, your company email has to be stored somewhere, and if it isn’t on your server, then it has to be on one owned by your provider. So, GoogoSoft can now access — read the contents of — every email sent and received by your company.

GoogoSoft tells you that it doesn’t access your mail unless it absolutely needs to. But it does “absolutely need to” access every single email to build an index of all the words for search because, for all major email providers, search happens on their servers.

Also, employees and contractors working for GoogoSoft can access your company email to provide technical support — recovering deleted emails, for example. Again, GoogoSoft tells you that they strictly control this kind of access, leaving you to take it on faith that, among all its tens of thousands of employees and contractors, there are no bad actors. If a GoogoSoft contractor were engaged in industrial espionage, how would GoogoSoft even know?

GoogoSoft may tell you it encrypts your email “at rest” — that is, whenever it’s stored. Sounds great. You probably think that means GoogoSoft and other folks outside your company can’t read it. Not true! GoogoSoft must be able to read the mail to index it for search. When GoogoSoft encrypts your email, it does so with encryption keys in its possession.

GoogoSoft may also tell you that it encrypts your email “in flight” — when it’s going between GoogoSoft and other third-party servers. Again, this seems comforting. Sounds like nobody can spy on your email in transit. But it doesn’t mean that at all! That kind of “transport encryption” uses encryption keys held by the mail servers. Every server between you and your recipient can decrypt your email. And, more troublingly, these servers can (and do!) happily decrypt every single email that transits them. That’s how spam filtering works. Each server scans every email looking for spammy content!

The bottom line: when GoogoSoft hosts your company email, it can — and does! — read all of it, as do all the other third parties along the delivery paths of your emails — even if they tell you everything is encrypted.

So, is encryption just a big scam? No. Encryption can protect your company’s best crystal — if you use it properly. It comes down to who holds the keys you use. The solution is end-to-end encryption.

You may have heard about end-to-end (“e2e”) encryption in the context of WhatsApp or Apple iMessage. These messaging systems are owned by single companies: Facebook and Apple. But it’s available for email, too — for sending messages between different providers’ systems using common email handshaking.

In the context of email, end-to-end encryption doesn’t rely on a single company-wide key. Instead, every employee has his or her own unique keys (one public, one private). With e2e email, when you send Sally, the CFO, an email, it is encrypted for Sally. And only Sally’s devices — her phones, tablets, and desktop computers — are provisioned with the key to decrypt it. Not Joe, the sys admin, not malware running inside your network, and not GoogoSoft.

Furthermore, all the emails from Sally are digitally signed with a key unique to her as well. When an employee receives a message that purports to be from Sally, his or her mail reader can check the signature and tell, definitively, whether it came from Sally or not. This protects employees from phishing scams, where fraudsters forge an email from Sally and send it to another employee asking them to wire money — to what ends up being an organized-crime bank account. According to the FBI, this scam alone cost U.S. companies more than $3 billion during the past three years.

Sounds great, right? So, why doesn’t anyone use e2e encrypted email? Why doesn’t GoogoSoft offer it to you when you sign up for its service?

Until recently, e2e encrypted email was a huge pain to deploy, requiring IT folks to manage all these keys for employees and run so-called key management servers. That put you right back in the role of running your own servers, defeating the purpose of moving to the cloud.

Also, GoogoSoft’s need to index mail for search meant that it had to have decryption keys for every email — defeating the entire purpose of using e2e encryption in the first place.

But never fear! (trumpet fanfare) Now, you can deploy e2e email encryption easily. Inky, our email/calendar solution, manages all the keys for you so you don’t have to. And, uniquely, Inky does the search index on your employee devices — not in the cloud — so only employee devices ever need the keys.

You can still host your mail with GoogoSoft, saving all the hosting hassle and costs. But your corporate email’s privacy is protected. In effect, GoogoSoft stores your encrypted email, but can’t read it!

Also, mail servers run by other third parties can’t peek inside your company emails. So you, an Inky user, can email any other Inky user, worldwide, with complete certainty that no intermediaries between you and your intended recipient can snoop.

The best news is that all of this magic happens transparently to your employees: they don’t even know their email is getting encrypted. Their experience is just like using any other mail reader — only now your company and customer secrets remain secret!

Inky’s encryption technology is based on a U.S. Department of Defense standard called S/MIME. It’s what the federal government uses to protect Top Secret emails. We’ve taken S/MIME and made it simple — invisible, really.
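The per-user keys and signatures described above can be reproduced with the stock OpenSSL command line, which speaks S/MIME. This is an added illustration, not Inky's code: the identities, file names and message are constructed, and throwaway self-signed certificates stand in for properly issued ones.

```bash
#!/usr/bin/env bash
# Added example: constructed identities and message; needs the openssl CLI.
W=$(mktemp -d); trap 'rm -rf "$W"' EXIT

# new_id FILE CN: throwaway self-signed cert + key standing in for one user's identity
new_id() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$W/$1.key" -out "$W/$1.crt" 2>/dev/null
}
# seal IN OUT WHO: encrypt to WHO's certificate; only the public key is needed
seal() { openssl smime -encrypt -aes256 -in "$W/$1" -out "$W/$2" "$W/$3.crt"; }
# unseal IN WHO: decrypt with WHO's private key; plaintext goes to stdout
unseal() {
  openssl smime -decrypt -in "$W/$1" -recip "$W/$2.crt" -inkey "$W/$2.key" 2>/dev/null
}
# sign IN OUT WHO: sign with WHO's private key; WHO's cert travels with the message
sign() {
  openssl smime -sign -in "$W/$1" -out "$W/$2" \
    -signer "$W/$3.crt" -inkey "$W/$3.key" 2>/dev/null
}
# verify IN WHO: check the signature, treating WHO's cert (held in advance) as trusted
verify() {
  openssl smime -verify -in "$W/$1" -CAfile "$W/$2.crt" -out /dev/null 2>/dev/null
}

new_id sally Sally    # the CFO
new_id joe Joe        # the sys admin: has his own key, not Sally's
new_id fraud Sally    # fraudster's key pair; the certificate also claims to be "Sally"
printf 'Subject: Q3 forecast\n\nDraft numbers attached.\n' > "$W/msg.eml"

seal msg.eml enc.eml sally
unseal enc.eml sally >/dev/null && echo "Sally's key: decrypts"
unseal enc.eml joe >/dev/null || echo "Joe's key: cannot decrypt"

sign msg.eml real.eml sally
sign msg.eml forged.eml fraud
verify real.eml sally && echo "signed with Sally's key: accepted"
verify forged.eml sally || echo "lookalike 'Sally' certificate: rejected"
```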

And it’s not expensive. Our pricing starts at $5/user/month, with significant discounts for large volumes. A single Inky license lets an employee send encrypted mail from all their phones, tablets, and desktops.

Inky even works with your current provider’s servers, without requiring any data migration. And it provides protection of your corporate email on employees’ personal devices, solving your “BYOD” problem for email and allowing you to remote wipe company email when an employee leaves the company.

If you’d like your company email to be secure in the cloud, give Inky a try. It’s available from http://inky.com and the app stores, and it’s free for use with gmail.com, outlook.com, and iCloud accounts. You can try it out with your own email. When you do, send me an encrypted email to say hello! I’m dave@inky.com and I hope to hear from you soon.

David Baggett
Ink Different

I helped create Crash Bandicoot and co-founded ITA Software. My new company created @InkyMail. Exchange encrypted email with any device and any email account!