Solved

Email Encryption for Outlook 2007

Posted on 2015-01-16
8
237 Views
Last Modified: 2015-01-17
Hi Guys,

I am looking for what I am hoping to be a Simple Program that will allow one of my users to send Encrypted email from Outlook 2007.  This user has simple one person (for now) that is requesting encrypted email.  I have tried a few from Symantec, but they don't seem to be that user friendly.  I need something simple if that is possible, and something that the recipient doesn't have to jump through hoops to be able to open.t

Thanks in advance
Jazzanlex
0
Comment
Question by:Jazzanlex
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 40553879
I've yet to find a really simple, cheap email encryption solution that just works and users can understand.

Is this a corporate user with their own email server?  Would TLS encryption between your email servers suffice?  You are looking at the costs of the certificates and the initial configuration but it means it is transparent to the end users, it isn't encrypted in their inbox, just as it transits the internet from your server to theirs.

Without spending any money, you could write the content of the email in a Word Processer and then password protect the document and send that as an attachment instead.
0
 
LVL 1

Author Comment

by:Jazzanlex
ID: 40553901
That is what I figured.   This is one user on a Standalone Windows 7 Laptop and he does a small amount of dealings with the Department of Defense and they are requiring him to encrypt his emails.    They do not have there own email server, their company email is hosting through 1and1.com.
0
 
LVL 6

Assisted Solution

by:BurundiLapp
BurundiLapp earned 250 total points
ID: 40553908
Since technically the content would be encrypted this may suffice, to encrypt the full email envelope to suit DOD requirements would, I expect, not be cheap, the encryption in Office 2010 is AES-128 CBC as far as I am aware, with a suitably long password (9 to 10) characters it would make it very hard to brute force the password.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 33

Accepted Solution

by:
Dave Howe earned 250 total points
ID: 40554909
Outlook already *has* encrypted mail, built in - its called S/Mime.

Problem is, like most encrypted email solutions, you need to have the key for the recipient already on the machine before you can send mail to them - and teaching the users to handle that can be a pain.

Actually *sending* and *receiving* S/Mime is pretty easy though - decryption is automatic (with a password prompt if that is configured) and encryption or signing is simply a case of clicking the appropriate toolbar button.

Symantec's PGP solution works pretty much the same way, but requires a compatible plugin and isn't free.

Symantec's Universal Gateway solution is different, and much more configurable (but again, really REALLY isn't free) - you place a box between your mail server and the internet, that has an internet-facing web interface.  Outbound messages are automatically encrypted, inbound automatically decrypted. IF the recipient doesn't already have a key, then "oracle based" encryption comes into play; the mail is held on the server until the recipient sets up an account (using the web interface, and a link emailed to them) and then they effectively use webmail between you and the server; they also have the option to import a key (pgp again, naturally) and then the mail will be transparently encrypted with that in the future.

Cisco have a similar solution (called CRES) that is fully hosted. Microsoft call theirs "Exchange Hosted Encryption" and a 3rd party called Zixmail have a similar offering.

However, you can't beat S/Mime for universality and cheapness. The keys are actually the same as https certificates, so can be issued using the MS CA software (built into more recent  MS Server operating systems), the free XCA, OpenSSL, and so forth (its a standard, so there are no shortage of ways to generate those). Almost all mail clients support S/Mime without further software needed.
0
 
LVL 1

Author Comment

by:Jazzanlex
ID: 40555070
I was able to get the Symantec Desktop Encyrption working  and setup to send encrypted emails to people.  The cost of a program is not the issue, I want to just make sure that the encryption is working correctly.  I am going to try S/Mime setup as well Dave.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 40555111
The cost of pgp software is more of an issue when everyone you need to send encrypted mail TO has to buy it also.

Now, by my understanding, SDE supports both pgp and s/mime - but s/mime is built into outlook already, and pgp requires the other correspondents to have pgp (ok, or gnupg, the free open source version of the standard)
0
 
LVL 1

Author Closing Comment

by:Jazzanlex
ID: 40555188
Hey Guys,

Thanks for you help I was able to get it working through both the Symantec Trial Software and use the built in S/Mime feature in Outlook.  I'll let the receipent decide which he'd like me to use.  Thanks again for the help, I split the point hope you don't mind, as both answered helped and led me in the correct direction.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 40555208
Well, good luck.

I have seen far, far too many companies start to implement encrypted email, only to fail at the first hurdle - because encrypted email (other than expensive, oracle based solutions, requires that the recipient create a key and send it to the sender in advance, and getting people to do that (and for expiring-key solutions such as s/mime, renewing those) is a major logistical headache.

That said, if this is due to *one* remote correspondent wanting to use encryption - you could just ask them which one they chose to use, and get one of those :)
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article helps those who get the 0xc004d307 error when trying to rearm (reset the license) Office 2013 in a Virtual Desktop Infrastructure (VDI) and/or those trying to prep the master image for Microsoft Key Management (KMS) activation. (i.e.- C…
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question