Pau Lo
asked on
Email security
What are the modern solutions to secure transfer of sensitive email from one company to another? And what kind of prices are we looking at to implement such solutions. Plus what kind of compatibility issues need to be reviewed when implementing this secure transmission from one companies email system to another? Are there any other issues to consider between the 2 parties?
Also, I assume by default email from one companies exchange 2010 > 3rd party exchange 2003 solution won’t have any sort of security like encryption? Or would it?
As a very naïve networking question – if we have one core network but upwards of 30 sites. If email goes from 1 site to another site is that then traversing the internet, or is it still “Internal to internal” traffic? Networking is not my forte.
Also, I assume by default email from one companies exchange 2010 > 3rd party exchange 2003 solution won’t have any sort of security like encryption? Or would it?
As a very naïve networking question – if we have one core network but upwards of 30 sites. If email goes from 1 site to another site is that then traversing the internet, or is it still “Internal to internal” traffic? Networking is not my forte.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hahaha! If you have a leased line (like a Frame Relay circuit or T1) that goes (only) from the central office to the remote site, or if you have a Virtual Private Network (VPN) connection established between the two networks.
It's a technical issue so the jargon is required, sorry. If you're not sure, you should get/rent someone locally to help you. Whoever provides your Internet access (either at your central location or one of your remote sites) may be able to clarify things.
It's a technical issue so the jargon is required, sorry. If you're not sure, you should get/rent someone locally to help you. Whoever provides your Internet access (either at your central location or one of your remote sites) may be able to clarify things.
ASKER
Is PGP easy to implement? Is there compatibility issues from either side that need considering.
Is the encryption well respected etc?
Is the encryption well respected etc?
PGP is easy to implement. As to compatibility, that will depend on the e-mail client you're using, but I would expect all the major, modern clients to support it. PGP is well established, having been around for quite a while now. It's not the most secure method of encryption, but aside from a targeted attack, it stands up quite nicely.
ASKER
Ok thanks. So what are the more secure solutions, and subsequent costs?
ASKER
email client here outlook 2003
Either hosted or (like PGP) certificate-based encryption will be the norm. Longer keys = harder to crack. Note that there are restrictions on exporting some encryption technology, so if any of your sites are outside the 50 states, you'll have to make an exeption for that site or lower your standards to what's allowable.
These are just some providers to get you started. These are not endorsements:
http://www.zixcorp.com/secure-email/?gclid=CMj03-nqqawCFQyEhwodQn-aAw
http://www.hushmail.com/
http://www.cryptzone.com/products/email/
These are just some providers to get you started. These are not endorsements:
http://www.zixcorp.com/secure-email/?gclid=CMj03-nqqawCFQyEhwodQn-aAw
http://www.hushmail.com/
http://www.cryptzone.com/products/email/
ASKER
Any rough guide on cost?
Thanks Paul
Thanks Paul
PGP is free. There may be other similar free solutions out there.
Those links I posted are for different things so the costs will vary accordingly, usually based on the number of people using their products. Your best bet would be to get in touch with them, explain what you want to accomplish, and have them quote you a price directly. Any number I gave you would just be made up.
Those links I posted are for different things so the costs will vary accordingly, usually based on the number of people using their products. Your best bet would be to get in touch with them, explain what you want to accomplish, and have them quote you a price directly. Any number I gave you would just be made up.
ASKER