encrypted email

I need to encrypt our email. We do not have Microsoft exchange.  Is the encryption done from the web hosting provider? or from the tool people use to send their email? Outlook express, outlook, smartphomes, Iphones?

Thanks, Tom
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Paul MacDonaldDirector, Information SystemsCommented:
Dave HoweSoftware and Hardware EngineerCommented:
As always, the key to encrypted mail isn't what you can send, but what the intended recipient can recieve.

Contact your intended correspondents, and find out what forms of security they can support. The elephants in the room are

a) S/MIME (built into almost all email clients)
b) PGP (theoretically more secure, but in practice works much like s/mime, but needs an add-on to be used)
c) TLS (don't encrypt email, encrypt the transmission of email between your servers and theirs.

of course, having [c] requires you have some form of mail server to do that for you - that's not a major issue (exim for example is free, can be appropriately configured, and will run on windows if you install cygwin) but you may have a non-exchange mailserver already, the question doesn't say :)

In any case, step one is to contact those you wish to exchange secure mail with, and find out what they can support. then you can make an informed choice or choice(s) (I know we here have to support several methods, as not all our correspondents share a single choice)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Daniel HelgenbergerCommented:
As DaveHowe did a very good listing of your options, let me add something:

his option [a], S/MIME is in my opinion the only feasible way to implement real mail encryption -for instance and with mobile phones you cannot just install PGP while I have yet to find a mail client which does not support S/MIME.

Most mailservers do a TLS transport encryption nowadays but emails are stored in plain text.
PGP and s/mine will change that, the emails may then be stored in an encrypted format; using certificates (PKI) to encrypt/decrypt messages. I recommend S/MIME, since as DaveHowe pointed out
But there is one major drawback: Since the encryption is done by the mail client obviously, you will not be able to read encrypted mails in a web browser any more or on a Web App. Exchange tried to do that, but it was only working on IE with a special plugin. OWA 2013 does not support S/MIME any more.

To make it work you need to setup a PKI, or enroll in often free certificates from a CA provider. StartSSL and Comodo offer free email certificates.

Here is a good (and free) way to setup s/mime on an iPhone (use google translate, its german...):
Dave HoweSoftware and Hardware EngineerCommented:
which is why tls (and using imaps/pop3s rather than unencrypted protocols; most phones support those) is a good choice - the mail is stored plaintext, so no cryptokeys to support for regulatory processes, easier backups, and so forth.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.