Learn about email encryption and how to protect sensitive data sent through email.
Email encryption is the process of encrypting, or disguising, the content of email messages to protect sensitive information from being read by unintended recipients, or cybercriminals looking to steal valuable information. The fact of the matter is that email continues to be the primary attack vector for cybercriminals. As such, it's important for organizations of all sizes to practice proper email security hygiene and utilize an email encryption solution when sending intellectual property or other sensitive information over email. Learn how to further secure your email environment by encrypting emails!
Email often contains sensitive or confidential information. When email encryption is employed, it provides the essential security needed to protect that information. As such, organizations of all sizes often employ email encryption as a part of their cybersecurity strategies.
Mimecast Secure Messaging protects sensitive data by making it easy for users to send and receive secure messages, and enabling policy-initiated secure messages at the email encryption gateway for an added layer of security.
Here’s how it works:
Secure messages are scanned for anti-virus, data leaks and compliance policies to help meet requirements for HIPAA, GLBA and PCI-DSS regulations. Mimecast also provides anti-virus and malware protection for all inbound and outbound email.
Mimecast’s encrypted email service offer significant benefits for sending secure emails:
Three standard email security protocols are used to secure email transmission: Secure Sockets Layer (SSL), Transport Layer Security (TLS) and STARTTLS. Because insecure email is a common attack vector for cybercriminals, it’s critical to use email security protocols like SSL/TLS and STARTTLS. Without this measure, users subject their emails and the sensitive data they contain to the possibility of interception, theft and email domain spoofing. With SSL/TLS or STARTTLS in place, cybercriminals who intercept an email can’t unencrypt it without the keys to decode it, which only the email server and client have.
SSL/TLS work by initiating a series of agreements between an email client — such as Gmail or Outlook — and a server to agree on the details of their connection. These agreements require a number of detailed steps, from determining what version of SSL/TLS will be used and how the communication will be encrypted to establishing that a secure connection is in place before transferring the data.
After the agreement series is completed, the email server returns a TLS digital certificate and public encryption key to the email client. The email client then verifies the certificate and creates a shared secret key (SSK), which is returned to the server. The server decrypts the SSK, which allows the transmission of emails.
With STARTTLS, however, it notifies a mail server that the contents of an email need to be encrypted. If the mail is intercepted, its contents and metadata are scrambled and difficult to decode. Once the transmission is received, the data will be decrypted.
To use Mimecast’s encrypted email service, users simply create a new email in Outlook, Mimecast for Mac or within the Secure Messaging web portal. After composing the email, the user selects a Send Secure option before clicking Send as usual.