Solved

is it possible to send encrypted email from corporate outlook mail to a gmail account

Posted on 2013-12-11
5
416 Views
Last Modified: 2014-11-12
Hello,
To protect information sent by email from being intercepted, an email can be encrypted. We use encryption for email sent between email addresses in the company e.g. from Mike@ourcompany.com to Andrew@ourcompany.com.
But is it possible to encrypt email sent from Andrew@ourcompany.com to a gmail account (e.g. name@gmail.com)? And what does the gmail account need to have to be able to read the encrypted email?
Thank you
0
Comment
Question by:TechNovation
  • 2
  • 2
5 Comments
 
LVL 3

Expert Comment

by:cristiantm
ID: 39710813
You may want to try Penango (https://www.penango.com/). Its a browser extension that allows use of encrypted mails on Gmail.

Of course you may also setup IMAP/POP access to the gmail account on a Outlook/Thunderbird and use encryption just as you use for your corporate account.
0
 

Author Comment

by:TechNovation
ID: 39710928
the gmail account is that of an employee, we have no control over it.
We want to send sensitive information, is the as is situation enough to send encrypted email or do we need to do something on both our corporate email side AND his gmail account before he will be able to read encrypted email.
Thank you
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39710929
Here's the steps involved to properly secure email.

cryptography summary

1.

Alice wants to send a message to Bob and provide confidentiality, integrity, proof of origin and proof of receipt.

2.

To protect the secrecy of her message contents, she uses a symmetric cipher to encrypt it. For that she uses a symmetric key. This produces a ciphertext message.

3.

To protect the accuracy of the message, she uses a hashing algorithm that condenses the arbitrary-length message to a fixed-size message digest value.

4.

To prove the message actually came from her, Alice signs the message by encrypting the hash value with her private key. The sum of the message digest encrypted with Alice's private key results in a digital signature.

5.

This digital signature is then appended to the bottom of the symmetrically encrypted message. Now in order for Bob to read, prove the origin, and check the accuracy of the message, he must reverse all of the encryption done above.

6.

To read the message, Bob needs a copy of the symmetric key. Alice encrypts it using asymmetric encryption and encrypts the symmetric key with Bob's public key, producing a ciphertext key.

7.

Bob decrypts the ciphertext key with his private key to give him his copy of the symmetric key.

8.

Bob uses the symmetric key to decrypt the message with that key and read it.

9.

Bob decrypts Alice's digital signature using Alice's public key. Once the decryption process is complete, he is left with the message digest.

10.

But, he has yet to prove the integrity of the message or the proof of origin. He must prove the message digest value is correct. To do this, Bob must rehash the message that he has received and decrypted.

11.

If the message digest that he generates from the message matches the message digest that he decrypted from Alice's digital signature, then he has proof of integrity and proof of origin.

12.

To prove that he received the actual message Alice sent, Bob re-encrypts the message digest with his private key, which will result in his digital signature.

13.

Bob sends his digital signature back to Alice.

14.

Alice decrypts Bob's digital signature using his public key to produce the message digest.

15.

She compares the message digest she just received to the message digest she originally generated. If these two message digests match, then she has proven that her message was received by Bob (proof of receipt) in its correct format (proof of integrity).
0
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39710936
The short answer, you may choose between PGP or S/MIME.  In your situation, S/MIME seems to already be in place.

All the gmail users need to do is have Personal Digital Certificates issued and installed in a client, such as Outlook.  This can be done for free.

Step 1:  Get Certificate
http://www.comodo.com/home/email-security/free-email-certificate.php

Step 2: Install in Outlook
http://www.comodo.com/support/products/email_certs/outlook.php

Instructions for Signing an Email and Encrypting an Email are included in the Step 2 link above.

Bear in mind, in order to encrypt email between two parties both parties need to have exchanged their public certificates.  This can be achieved by sending a signed email to each other.

Additional benefits (such as Non-repudiation) are available through S/MIME as well.

Anything encrypted in transit should be encrypted at rest, S/MIME accomplishes both.

3rd party products exist (which are not supported natively by most email clients)--- such as PGP, could achieve your goals as well.
0
 
LVL 3

Expert Comment

by:cristiantm
ID: 39710940
the gmail account is that of an employee, we have no control over it.
We want to send sensitive information, is the as is situation enough to send encrypted email or do we need to do something on both our corporate email side AND his gmail account before he will be able to read encrypted email.
Thank you

I´m supposing you are using on the corporate side S/MIME for encryption, that is the most widely used standard in corporations. Can you confirm that?

Anyway, the gmail user will need to setup on his side a plugin like penango to be able to read emails. Moreover, he will need to have a digital certificate for his email, and this certificate needs to be known to the sender (installed, available on a repository, etc.). Then the sender will be able to use the certificate to encrypt messages and the receiver to open it.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

If your app took Google’s lash recently, here are the 5 most likely reasons.
Get an idea of what you should include in an email disclaimer with these Top 5 email disclaimer tips.
This Micro Tutorial will introduce a Google tool, which is a great way to learn more about dimensions in metrics in Google Analytics, even if you use the interface or the API.
This Micro Tutorial will demonstrate the easy use of Gmail embedding images in your email so the recipient of your email can view them in context.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now