By today’s fast-moving technological improvement standards, email hasn’t changed much. Indeed, it was 1971 when Raymond Tomlinson conceived the idea for computer engineers to send each other messages. At this point, what was considered the first internet (ARPANET) was only six years old. Incidentally, Tomlinson is also credited with sending the first email and setting the standard for an email address using the “@” symbol.
Email hasn’t changed much since then. Now, just as it was in 1971, email messages are just simple texts sent over a network and are insecure by design. Although people that send emails use the format used to write letters, i.e., the salutation and sign-off, standard email messages are not as secure as traditional letters sent through the mail. It took several years for standards to develop that would protect emails. This protection is called encryption. That said, as much as 50% of email messages sent are unencrypted.
Unencrypted email can have serious consequences. Back in 2014, Sony pictures had their internal servers hacked by North Korea. The apparent reason was to get Sony not to release The Interview, a satirical take on the North Korean regime. The hackers took as much as they could before being discovered, including personal email messages between top executives. Had those messages been encrypted, they would have been unreadable.
Email messaging has become so embedded into how we conduct our lives that we take for granted the information in emails is secure. The reality is if we don’t purposefully make sure our email messages are encrypted, chances are they are not. For example, people send personal information to each other via email. Information such as password resets, login credentials, tax records, and medical records could be at risk of being stolen by cybercriminals.
The security standard that governs emails sent over the internet is SMTP (simple mail transfer protocol). However, this protocol lacks built in security. Unfortunately, your personal information is valuable to cybercriminals. They are always on the lookout for ways to steal it.
Some cybercrime experts say emails are vulnerable throughout their journey from inbox to inbox. Consequently, when thinking about email encryption, multiple places should come under scrutiny:
The only way to have peace of mind that your email is secure is by ensuring end-to-end encryption and data server security. This is accomplished by using a third party that specializes in end-to-end email encryption.
Third-party vendors that specialize in end-to-end email encryption use a pair of encryption keys that have been encrypted using algorithms through public-key cryptography techniques. One is public and one is private. For example, Carl uses end-to-end email encryption. When his friend Lisa, who also uses end-to-end email encryption, wants to send him an email, it gets encrypted with Carl’s public key. The email then goes to the third-party email encryption provider’s secure server, where it stays encrypted. At this point, not even the server can read the email. Finally, when Carl receives the email, he uses his private key to decrypt it.
Staying with the above example, what if Lisa does not use end-to-end email encryption or uses an insecure email service provider? Because Carl uses a third-party end-to-end email encryption provider, the message is encrypted once it reaches the data server. When Carl sends Lisa an email, it is automatically password protected. Lisa would need to know the password, which would not be sent in an email.
In closing, email messages are not as secure as many may think. What some believe to be an instantaneous transfer between two computers, phones, or tablets, is in actuality, a journey through cyberspace with four stopovers. At any point in this journey, an email is vulnerable to theft. The solution is ensuring your emails have end-to-end email encryption. You do this by hiring a third-party that specializes in end-to-end email encryption. Using modern public-key cryptography techniques, the end-to-end email encryption experts develop keys that encrypt and decrypt email messages. In the end, this is the surest way to protect your email. This will give you peace of mind, not to mention unsurpassed security.