Technically, anyone can read your e-mails if they’re not encrypted, and I’m not talking about those instances where you send the e-mail to the wrong guy, or forget to use BCC: and opt for CC: instead when replying. I’m talking about sending the right e-mail to the right guy. The only way you can truly provide security for your messages is if you encrypt e-mails and their attachments by using file encryption software like AlertBoot.
They say that sending e-mail is like sending a postcard: everyone in the process of delivering that e-mail can read it, if they want to. But who is this “everyone” that delivers the e-mail “they” speak of? In this case, the “everyone” represents all the servers (computers) that pass your e-mail from your computer to the recipient’s computer.
Multiple computers are involved because the path of your e-mail is not pre-planned, like it is for a physical letter. For snail mail, the letter would be sent to the local post office, then to one of the bigger processing centers, then sent to the recipient’s local processing center, then to the local post office, and then delivered to the recipient.
But for electronic mail, it’s a little different. The process of delivering email is described by many as writing a letter, sealing it in a bottle, and tossing it into the sea: you may be in the Bronx and sending the letter to an address in Queens, but the letter could end up drifting into the Atlantic, make its way to the London. Maybe a Welsh guy will pick it up, take it on a trip to Haiti, where he hands it over to an American tourist that lives in Omaha. The Omaha guy sends it to his cousin in Philadelphia, yadda, yadda, yadda -- the letter somehow finds its destination in Queens.
Sounds like a load of bull, except this is related to what’s known as the small world phenomenon, a close relation to the “six degrees of separation” theory, on which the Kevin Bacon game is based. Just replace people with computers, and you’ve got the same situation: the e-mail being forwarded randomly until it reaches its final destination. Kinda cool.
Well, with one exception: the expectation of privacy cannot be justified when it comes to e-mail due to the delivery process. If you’re working for Coca-Cola, there is a small but real possibility that your e-mail to the bottler may go through Pepsi’s computers. If Pepsi were up to the task, it could definitely keep a copy of that e-mail.
But Pepsi wouldn’t do that. With billions upon billions of e-mails to go through on a daily basis, it would be like looking for a needle in a haystack; it’s just not worth it for most companies.
Instead, an information security-conscious person would be better off worrying about an alternate, more common form of e-mail data security breach: the “oops, I sent it to the wrong person(s)” syndrome.
One of the bigger problems in my experience, though, is not so much sending the wrong e-mail as it is attaching the wrong file to an e-mail and sending that. There aren’t too many people who’ll read an e-mail two or three times before clicking on “send.” Even less will check to make sure the correct e-mail address is in the “to:” field. And even less will actually open up an attachment a second time before e-mailing their electronic missive.
Using file encryption tools like document encryption software from AlertBoot will ensure the confidentiality of your e-mail attachments.
Encryption works by scrambling the data. Only those who have access to the key that was used to scramble the data will be able to unscramble it again (you want to be able to access that data at a later date, right?) This data-scrambling process is so sophisticated even organizations like the FBI will pretty much give up trying to crack it. (Sending someone to Guantanamo would probably be less time-intensive. Breaking a 256-bit key, for example, is estimated to take decades by some, centuries by others).
By ensuring that any attachments are encrypted prior to sending them via e-mail should dramatically reduce data breaches associated with electronic correspondence.
An even better company policy would be to ensure that any sensitive files are stored in encrypted format. This way, the data would remain safe regardless of whether e-mail was involved or not. (For example, in the event that laptops or desktops are lost or stolen during a break-in, or if an employee decides to ignore rules prohibiting the transport of laptops outside of company perimeters.)
There is a story at the courier-journal.com that, on the surface, doesn't make any sense. The names
Pingback from Email Attachment Encryption - An Easy Way To Prevent Information Security Breaches - AlertBoot Endpoint Security