Encryption Options
A variety of technologies have emerged in the encryption field. Boundary, or gateway, products attempt to encrypt e-mail before it leaves the corporate network. This method seems to have the most traction given its ease of implementation compared with that of other technologies. Staging-server encryption captures and stores secure e-mail locally on the network for remote users to retrieve over secure Web portals. Finally, end-to-end encryption offers the most secure scenario, encrypting the message immediately after the user clicks the Send button (see "Encryption Models," right).
Large-scale deployments of completely secure e-mail are seen mostly in military, financial, health-care and government organizations. And growing businesses are more likely to deploy secure e-mail solutions for specific departments, such as finance, accounting and HR, according to Gartner. These highly secure e-mail systems are expensive, costing $20,000 to $200,000 for a 2,500-user installation, on top of the cost of an existing e-mail platform, Gartner estimates.
» Boundary Encryption
Boundary solutions work well for communications within the corporate network, but may not work for external e-mail, particularly to general consumers. In the boundary model of e-mail encryption, secure relationships are established with the boundary servers of both partner entities. This is typically a manual process, though it's possible to configure some devices to automatically attempt to deliver the e-mail securely, and then fall back to normal mode if secure channels are unavailable. When a secure connection can be established, all e-mail sent between the two gateway servers is encrypted, which means when the data is most vulnerable, it has already been encrypted as it passes over the Internet. In this model, e-mail transiting within your corporate e-mail infrastructure is not encrypted.
Companies with encryption products in this arena include IronPort, Tumbleweed and Voltage Security. These vendors provide devices that serve as a barrier, residing on the edge of the network, filtering all incoming and outgoing messages for spam, malware and phishing.
More important, to address compliance issues, these devices also can provide encryption using a variety of technologies, including PGP, S/MIME and TLS (Transport Layer Security). TLS adoption continues to rise, and it's likely to remain the preferred method through 2009. This is due to its popularity, acceptance and maturity as a secure transport. PGP (Pretty Good Privacy) is a free technology developed by the company of the same name and is effective and easy to use. It's a public-key technology; servers share their public key and encrypt the message with a private key. Using the public key found and managed by Internet keyservers, receiving e-mail servers can decrypt messages. S/MIME (Secure/Multipurpose Internet Mail Extensions) is similar to PGP. Encryption products operating at the boundary are best-suited for small companies that send sensitive data from one corporate entity to another. This solution gives them the most bang for the buck and secures e-mail where it's most vulnerable.
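The "attempt secure delivery, then fall back" behaviour described above is where a boundary gateway can silently downgrade to plaintext. The following Go function is an added illustration of that delivery decision, not code from the article or from any of the vendors named; the policy names, the Peer fields and the domains are assumptions constructed for the example.

```go
package main

import "fmt"

// Policy is the relationship configured on the gateway for a partner domain.
type Policy int

const (
	Opportunistic Policy = iota // try TLS, fall back to plain delivery if unavailable
	RequireTLS                  // established secure relationship: never send in the clear
)

// Peer records what the receiving gateway offered on this delivery attempt.
type Peer struct {
	OffersSTARTTLS bool
	CertVerified   bool // chains to a trusted CA and matches the partner's name
}

// Decide picks the delivery mode for one message to domain. Domains with no
// entry are treated as Opportunistic, which is where the silent downgrade to
// plaintext lives; partner domains should be pinned to RequireTLS.
func Decide(policies map[string]Policy, domain string, p Peer) (string, error) {
	switch policies[domain] {
	case RequireTLS:
		if !p.OffersSTARTTLS || !p.CertVerified {
			return "defer", fmt.Errorf("%s requires verified TLS; queue and retry, do not fall back", domain)
		}
		return "tls-verified", nil
	default:
		switch {
		case !p.OffersSTARTTLS:
			return "plaintext", nil // the fallback the article describes: log it
		case p.CertVerified:
			return "tls-verified", nil
		default:
			return "tls-unverified", nil // encrypted in transit, peer not authenticated
		}
	}
}

func main() {
	policies := map[string]Policy{"partner.example": RequireTLS} // constructed config
	for _, d := range []string{"partner.example", "consumer.example"} {
		mode, err := Decide(policies, d, Peer{OffersSTARTTLS: false})
		fmt.Println(d, mode, err)
	}
}
```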
» Staging-Server Encryption
Staging servers are used to store sensitive e-mail that can be retrieved later by the recipient on your secure network. If a user sends an e-mail to a domain that's listed as secure by your outbound security filters, it's routed to a server on your network. E-mail is then sent to the recipient notifying him that he has received a secure message. To read the message, the recipient must log into the secure server, usually through a secure Web portal, to view and respond to the message. This solution can be implemented using gateway devices or can be configured in certain software applications: PostX and Tumbleweed offer good products in this arena. For companies, such as banks, HR firms or credit-card companies, that want to notify customers their attention is needed, for instance to confirm that a transaction took place, this method works well.
There are some disadvantages to staging-server encryption, however. If end users correspond often with external recipients, each of those recipients will be forced to maintain yet another in-box and sent-mail box. And forgotten-password resolution for occasional users and automated password recovery must be well-thought-out to prevent additional work and unauthorized access.
» End-to-End Encryption
End-to-end encryption does what its name suggests: Data is encrypted by the sender and remains so until decrypted by the recipient. Typically, software agents are deployed that let users send encrypted mail by pressing a "Secure Send" button. There are products from PGP, Voltage Security and others that work with all major desktop clients. End-to-end encryption is suitable for environments, such as finance, accounting and HR, in which sensitive information must be kept secret and transmitted securely.
End-to-end encryption can be configured per user, per department or enterprisewide. It typically works using public-key encryption, with end users storing their public keys on servers that anyone can access, most frequently on servers maintained by the Massachusetts Institute of Technology or PGP. When a user sends an e-mail message, it's immediately encrypted using the recipient's public key found on key servers located on the Internet. Once the message is received, the recipient uses a private key to decrypt and view the message. This technology is getting easier to install and implement, but to encrypt a message, the recipient's public key is required, so if a recipient doesn't have one (and most don't) e-mail messages sent to that recipient will not be encrypted. There is, of course, a mechanism by which users are notified whether their e-mail was sent securely.
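The "Secure Send" flow described above, as an added Go example that is not the article's or any vendor's code: look the recipient up on a key server, encrypt to the public key if one is published, otherwise send in the clear and tell the sender. The key server is a constructed in-memory map, the addresses and message are made up, and RSA-OAEP is applied to the body directly for brevity where PGP and S/MIME would wrap a symmetric session key.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// KeyServer stands in for the article's Internet key server; here it is a
// constructed map from e-mail address to published public key.
type KeyServer map[string]*rsa.PublicKey
type Outcome struct { // what the sender is told after pressing Secure Send
	Payload   []byte
	Encrypted bool
	Notice    string
}

// SecureSend applies the "Secure Send" rule: encrypt to the recipient's
// published key if there is one, otherwise send in the clear and say so.
// RSA-OAEP is applied to the (short) body directly for brevity; PGP and
// S/MIME encrypt the body with a session key and wrap only that key.
func SecureSend(ks KeyServer, to string, body []byte) (Outcome, error) {
	pub, ok := ks[to]
	if !ok {
		return Outcome{body, false, "no public key for " + to + ": sent UNENCRYPTED"}, nil
	}
	// The address is the OAEP label, so decryption must name the same addressee.
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, body, []byte(to))
	if err != nil {
		return Outcome{}, fmt.Errorf("encrypting to %s: %w", to, err)
	}
	return Outcome{ct, true, "encrypted to " + to}, nil
}

// Open is the recipient side: only the holder of the private key can read it.
func Open(priv *rsa.PrivateKey, me string, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, []byte(me))
}
func main() {
	alice, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	ks := KeyServer{"alice@example.com": &alice.PublicKey} // only Alice has a key
	for _, to := range []string{"alice@example.com", "bob@example.com"} {
		out, _ := SecureSend(ks, to, []byte("Q3 payroll summary attached"))
		fmt.Println(out.Notice)
	}
}
```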