What is Email Encryption? (Definition, Best Practices & More) (2024)

Email encryption defined in Data Protection 101, our series on the fundamentals of data security.

What is Email Encryption?

Email encryption involves encrypting, or disguising, the content of email messages in order to protect potentially sensitive information from being read by anyone other than intended recipients. Email encryption often includes authentication.

As PC World points out, it’s not just those who may email sensitive information, such as Social Security numbers, login credentials, or bank account numbers, who need to encrypt their email. Hackers who gain unauthorized access to an email account can read attachments and content, and can even hijack your entire email account.

Email is a vulnerable medium, particularly when emails are sent over unsecured, or public, Wi-Fi networks. Even emails sent within a secure company network, along with your login credentials, can be intercepted by other users. Encryption renders the content of your emails unreadable as they travel from origin to destination, so even if someone intercepts your messages, they can’t interpret the content.

Email Encryption: What to Encrypt

PC World points out three primary things you should encrypt:

  1. The connection from your email provider
  2. Your actual email messages
  3. Your stored, cached, or archived email messages

Encrypting the connection prevents unauthorized users on the network from intercepting and capturing your login credentials and any email messages you send or receive as they leave your email provider’s server and travel from server to server around the Internet.

Encrypting email messages before they’re sent means that even if a hacker or anyone other than the intended recipient should intercept your email messages, they’re unreadable, and essentially useless.

Finally, if you store backed-up email messages in an email client, such as Microsoft Outlook, hackers may gain access despite password protection of your accounts and even your device. Email encryption ensures that even if access is obtained, the content of your email messages is unreadable.
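For the first of these, encrypting the connection, here is a sketch of a client-side check for SMTP. It is an added example, not code from the original article; the function names and the sample server replies are assumptions constructed for illustration. It reads the server's capability list before any credentials are sent and only continues once the session has been upgraded with STARTTLS and the certificate verified.

```python
import smtplib
import ssl

# Constructed sample EHLO replies (not captured from any real server).
GOOD = "250-mail.example.test\n250-SIZE 35882577\n250-STARTTLS\n250 PIPELINING"
STRIPPED = "250-mail.example.test\n250-SIZE 35882577\n250-AUTH PLAIN LOGIN\n250 PIPELINING"

def parse_ehlo(reply):
    """Parse a multi-line EHLO reply into {CAPABILITY: arguments}."""
    caps = {}
    lines = [l for l in reply.splitlines() if l.strip()]
    for line in lines[1:]:                      # first line is the server greeting
        code, sep, rest = line[:3], line[3:4], line[4:].strip()
        if code != "250" or sep not in ("-", " ") or not rest:
            raise ValueError(f"unexpected EHLO line: {line!r}")
        name, _, args = rest.partition(" ")
        caps[name.upper()] = args
    return caps

def connection_findings(reply):
    """Return reasons why this plaintext session must not carry credentials or mail."""
    caps = parse_ehlo(reply)
    findings = []
    if "STARTTLS" not in caps:
        findings.append("no STARTTLS advertised: connection cannot be encrypted")
    if "AUTH" in caps:
        findings.append("AUTH offered before TLS: do not log in on this channel")
    return findings

def open_encrypted_session(host, port=587, timeout=10):
    """Connect, upgrade with STARTTLS and certificate verification, or raise."""
    smtp = smtplib.SMTP(host, port, timeout=timeout)
    try:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            raise RuntimeError("server did not advertise STARTTLS")
        # The default context verifies the certificate chain and the hostname.
        smtp.starttls(context=ssl.create_default_context())
        smtp.ehlo()      # re-read capabilities over the encrypted channel
        return smtp      # only now is smtp.login(...) safe to call
    except Exception:
        smtp.close()
        raise
```

This protects the hop between your client and the provider only; the message itself and stored copies still need their own encryption.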

What Email Encryption Does

There are a variety of technology tools that can be used to encrypt email. A personal email certificate is one method of protection that digitally signs your messages, reducing the amount of spam messages that can be sent using your name and email account. This digital signature lets recipients know whether the messages they receive were actually sent by you; spoofed email messages will not contain the digital signature, tipping recipients off that the message may contain spam or malicious content.

In most cases, email encryption relies on a Public Key Infrastructure (PKI): a combination of a private key (known only by you) and a public key (known only to those you choose to distribute it to, or even made publicly available). Those who want to encrypt the emails they send use the public key, while the intended recipient uses the private key to decrypt those messages into a readable format. In the PKI model, anyone can use a public key to encrypt email, but each encrypted message can only be decrypted by a unique private key.

Best practices for email encryption include consistently encrypting all messages you send and receive. Encrypting only email messages containing sensitive information raises a flag to hackers, pointing them directly to the messages that are most likely to contain valuable, sensitive information – the very information you’re trying to prevent outsiders from gaining access to in the first place.

When you encrypt all email messages as a standard practice, hackers wishing to access your personal information have a more substantial task in front of them. Decrypting email messages one-by-one in search of a single message containing sensitive information is a daunting and tedious task that even the most dedicated hackers may feel is not worth the effort.

FAQs

What is email encryption? ›

Email encryption is an authentication process that prevents messages from being read by an unintended or unauthorized individual. It scrambles the original sent message and converts it into an unreadable or undecipherable format.

What are the two main methods used to encrypt email? ›

PGP and S/MIME

Pretty Good Privacy (PGP) and S/MIME are two traditional standards used to send secure end-to-end encrypted emails. Both protocols encrypt a message with the recipient's public key, and the recipient decrypts it with their private key.

What is the best definition of encryption? ›

Encryption defined

At its most basic level, encryption is the process of protecting information or data by using mathematical models to scramble it in such a way that only the parties who have the key to unscramble it can access it.

What is the difference between encrypted email and secure email? ›

Encrypted email ensures that the information within the email is encoded and can only be deciphered by the intended recipient. Secure email, on the other hand, encompasses a broader range of security measures beyond encryption, and includes additional features and protective measures to safeguard against various email-based threats.

Are Gmail emails encrypted? ›

First of all, the Gmail server is automatically protected by network-level encryption. This layer of encryption protects your emails within Google's network or while they're in transit from sender to recipient. However, once your email leaves Google's network, it is no longer protected.

How is email encryption done? ›

How Does Email Encryption Work? Data encryption can be performed using symmetric or asymmetric encryption algorithms. Symmetric encryption uses the same secret key for encryption and decryption, while asymmetric or public key cryptography uses a public key for encryption and a related private key for decryption.

What tool is used to encrypt emails? ›

What are some common email encryption tools?

Encryption tool | Type of encryption
STLS, like STARTTLS, is a command that initiates a TLS connection for POP3 | Transport layer
Pretty Good Privacy (PGP) and OpenPGP are programs that use public and private key encryption | End-to-end

What does an encrypted email look like? ›

Encrypted emails look like gibberish to any unauthorized person who tries to read them. Email encryption means that both the sender and receiver have a key (digital code) so that the email is encrypted when sent and then decrypted when opened by the intended recipient.

What is encryption for dummies? ›

In simple words, encryption protects sensitive data from prying eyes by scrambling ordinary text (plaintext) into a form (ciphertext) that is impossible to read without the proper decryption key. An example of basic encryption is swapping each letter with the one that holds its opposite position in the alphabet.

What are the four types of encryption? ›

DES, AES, and RSA are the three primary encryption types. A more recent 3DES is a block cipher that is still in use today. The Triple Data Encryption Standard (3DES) does exactly what its name says. For triple protection, it employs three independent 56-bit keys rather than a single 56-bit key.

What is an example of encryption? ›

Most people will encounter encryption in their daily life when communicating. For example, messaging apps like Signal or Wire (both of them among the best WhatsApp alternatives) will encrypt your chats. Another good example is email, which, without strong encryption, can be intercepted by government agencies.

What email gets hacked the least? ›

14 Top Secure Email Providers
  1. ProtonMail. ProtonMail is the most well-known secure email provider. ...
  2. Mailbox.org. Mailbox.org is a secure email service aimed at business users looking for an alternative to Google or Microsoft tools. ...
  3. HubSpot. ...
  4. Zoho Mail. ...
  5. Tuta. ...
  6. Posteo. ...
  7. Thexyz. ...
  8. PrivateMail.
Apr 9, 2024

Why is email encryption not used widely? ›

It's too expensive. While there are ways to ensure universal end-to-end email encryption, it's probably too costly for the average user. For example, there is a potential security risk at every point in the email chain of custody, in places such as web browsers and servers.

Why is email encryption difficult? ›

Compatibility issues: Some methods of mail encryption require both the sender and recipient to use the same encryption technology, which can be a challenge when different email systems are used or when recipients have older software that doesn't support decryption.

Is it a good idea to encrypt your email? ›

Encrypting email can significantly lower the chances of a hacker gaining access to the sensitive data within your emails.

How do I know if my email is encrypted? ›

Check if a message you're sending is encrypted

To the right of your recipients, you'll see a lock icon that shows the level of encryption that is supported by your message's recipients. If there are multiple users with various encryption levels, the icon will show the lowest encryption status.

Why would you want to encrypt an email? ›

Email encryption involves encrypting, or disguising, the content of email messages in order to protect potentially sensitive information from being read by anyone other than intended recipients. Email encryption often includes authentication.

Do I need to encrypt my emails? ›

Encrypting an email message ensures that the content of your email remains private and inaccessible to unauthorized individuals. Only the recipients of a message included in the To: or Cc: fields will be able to read the encrypted message.

Article information

Author: Francesca Jacobs Ret
