Email Encryption for Outlook 2007

Hi Guys,

I am looking for what I am hoping to be a Simple Program that will allow one of my users to send Encrypted email from Outlook 2007.  This user has simple one person (for now) that is requesting encrypted email.  I have tried a few from Symantec, but they don't seem to be that user friendly.  I need something simple if that is possible, and something that the recipient doesn't have to jump through hoops to be able to open.t

Thanks in advance
Who is Participating?
Dave HoweConnect With a Mentor Software and Hardware EngineerCommented:
Outlook already *has* encrypted mail, built in - its called S/Mime.

Problem is, like most encrypted email solutions, you need to have the key for the recipient already on the machine before you can send mail to them - and teaching the users to handle that can be a pain.

Actually *sending* and *receiving* S/Mime is pretty easy though - decryption is automatic (with a password prompt if that is configured) and encryption or signing is simply a case of clicking the appropriate toolbar button.

Symantec's PGP solution works pretty much the same way, but requires a compatible plugin and isn't free.

Symantec's Universal Gateway solution is different, and much more configurable (but again, really REALLY isn't free) - you place a box between your mail server and the internet, that has an internet-facing web interface.  Outbound messages are automatically encrypted, inbound automatically decrypted. IF the recipient doesn't already have a key, then "oracle based" encryption comes into play; the mail is held on the server until the recipient sets up an account (using the web interface, and a link emailed to them) and then they effectively use webmail between you and the server; they also have the option to import a key (pgp again, naturally) and then the mail will be transparently encrypted with that in the future.

Cisco have a similar solution (called CRES) that is fully hosted. Microsoft call theirs "Exchange Hosted Encryption" and a 3rd party called Zixmail have a similar offering.

However, you can't beat S/Mime for universality and cheapness. The keys are actually the same as https certificates, so can be issued using the MS CA software (built into more recent  MS Server operating systems), the free XCA, OpenSSL, and so forth (its a standard, so there are no shortage of ways to generate those). Almost all mail clients support S/Mime without further software needed.
I've yet to find a really simple, cheap email encryption solution that just works and users can understand.

Is this a corporate user with their own email server?  Would TLS encryption between your email servers suffice?  You are looking at the costs of the certificates and the initial configuration but it means it is transparent to the end users, it isn't encrypted in their inbox, just as it transits the internet from your server to theirs.

Without spending any money, you could write the content of the email in a Word Processer and then password protect the document and send that as an attachment instead.
JazzanlexAuthor Commented:
That is what I figured.   This is one user on a Standalone Windows 7 Laptop and he does a small amount of dealings with the Department of Defense and they are requiring him to encrypt his emails.    They do not have there own email server, their company email is hosting through
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

BurundiLappConnect With a Mentor Commented:
Since technically the content would be encrypted this may suffice, to encrypt the full email envelope to suit DOD requirements would, I expect, not be cheap, the encryption in Office 2010 is AES-128 CBC as far as I am aware, with a suitably long password (9 to 10) characters it would make it very hard to brute force the password.
JazzanlexAuthor Commented:
I was able to get the Symantec Desktop Encyrption working  and setup to send encrypted emails to people.  The cost of a program is not the issue, I want to just make sure that the encryption is working correctly.  I am going to try S/Mime setup as well Dave.
Dave HoweSoftware and Hardware EngineerCommented:
The cost of pgp software is more of an issue when everyone you need to send encrypted mail TO has to buy it also.

Now, by my understanding, SDE supports both pgp and s/mime - but s/mime is built into outlook already, and pgp requires the other correspondents to have pgp (ok, or gnupg, the free open source version of the standard)
JazzanlexAuthor Commented:
Hey Guys,

Thanks for you help I was able to get it working through both the Symantec Trial Software and use the built in S/Mime feature in Outlook.  I'll let the receipent decide which he'd like me to use.  Thanks again for the help, I split the point hope you don't mind, as both answered helped and led me in the correct direction.
Dave HoweSoftware and Hardware EngineerCommented:
Well, good luck.

I have seen far, far too many companies start to implement encrypted email, only to fail at the first hurdle - because encrypted email (other than expensive, oracle based solutions, requires that the recipient create a key and send it to the sender in advance, and getting people to do that (and for expiring-key solutions such as s/mime, renewing those) is a major logistical headache.

That said, if this is due to *one* remote correspondent wanting to use encryption - you could just ask them which one they chose to use, and get one of those :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.