Solved

Encrypted email

Posted on 2013-01-15
1
324 Views
Last Modified: 2013-01-22
We currently use ZixMail for encrypted email.   In our enviornment, we have about 10 users that at times need to send email encrypted.   Does anyone have any other vendors or software packages that they would recommend?
0
Comment
Question by:bankwest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 38781908
Zixmail is a good choice, but if you are looking for alternatives, its probably best to see what your potential correspondents can support.

s/mime is the first ever used (back when it was called Privacy Enhanced Mail or PEM) and is based around X509 certificates just like HTTPS is. The technology is identical, meaning that you often find you must pay for a CA issued cert in order for potential correspondents to trust you (and that's per recipient). Strong point is that it is already built into the email solution you already have, so no further software installation is required.  

pgp (now openpgp as a standard) is another early runner - similar setup to s/mime (in that each sender must already have the recipient's key in order to encrypt) but using a user-driven trust model instead of the more commercial CA "Top down assertion of trust" model. Note that twice in the last year, that trust turned out not to be well founded, so the model of pgp (user assertion of trust, with you able to decide who you trust to assert trust, who to trust how to *assert* who to trust, and so forth) is being examined as a replacement in the HTTPS world now.
Its slow and complex to set up (plus requires more software, which you might need to pay for) but is a more open trust solution.

If you and all the people you talk to have your own mailservers, it may be worth looking at just using TLS over SMTP - by encrypting the *channel* between your server and theirs, you can ensure that the mail itself is never sent unencrypted between you, even if the mails themselves are never individually encrypted to a given recipient.

Finally, ZixMail is one of the cheaper options in the "oracle based" encryption market (ie. solutions that don't require the recipient to supply you a key in advance) however cisco (with their Ironport/CRES solution), Microsoft (with their "Hosted Email Encryption" FOPE component) and PGP (with their universal gateway) are all strong players in this space.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
An analysis of the phishing scam that has been affecting Google users, along with steps to take for protection, as well as what to do if you receive one of the emails.
The purpose of this video is to demonstrate how to use PicMonkey software to customize images for a Mailchimp campaign. Picmonkey is free and simple online software which can be used by users who don’t have robust editing software such as Photoshop,…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question