Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

secure external email with information rights management

Posted on 2015-02-03
8
Medium Priority
?
165 Views
Last Modified: 2015-02-04
We have a client requesting email protection to prohibit copying, printing, forwarding of message content for messages sent to external destinations. They are using a rights management solution that works only internal to their organization and want this protection for external mail as well.  

We understand this is a difficult problem and that there is no complete solution, ie no real protection against third-party screen captures, imaging devices, etc, .  We are simply hoping for some feedback on some of the better solutions or partial solutions for external email protection available  at this time.

Thank You,
kc
0
Comment
Question by:CGNET-TE
  • 3
  • 3
  • 2
8 Comments
 
LVL 5

Accepted Solution

by:
Sean Jackson earned 1000 total points
ID: 40587052
The best solution I would suggest would be to encrypt the messages before they're sent out, and then make sure the public keys are shared only with the intended recipient.  It's not possible to completely lock this down.
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 1000 total points
ID: 40587150
I don't think what they want is even possible much less available.  If they send a message to an email client that isn't controlled their software, then they can't prevent anything at all.  If you send me a message, you can't stop me from doing whatever I want with it because I'm not using your software.  

As a matter of fact, if you send me a message and then try to 'reach' into my computer to control what I do with it without my express permission, you have broken at least one and probably several federal laws.
0
 

Author Comment

by:CGNET-TE
ID: 40587382
I appreciate your comments and understand that the problem is impossible to solve.  What I’m hoping is to find a solution which will make the unwanted copying or forwarding of the content more difficult, enough, for instance, to protect from careless or unintentional forwarding of the data.  It might be a web-based solution, such that the intended recipient of the encrypted message can only open it from a secured portal which tracked the viewing as well as made the sharing of the content more difficult.  If anyone has had any experience with any of these kind of solutions, we would appreciate some feedback.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40587425
We're trying to tell you there is no solution that will do what you're asking. Should I employ some supposed technique and send you an email, what could stop you from copying the data to another medium (text pad as the simplest example)? Once done, what would stop you from sending the data to whomever you wished? You wouldn't have to say it was from me, you could claim authorship.

What could make any of the above more difficult? If you can read it, you can do whatever you want. Even if there was something preventing the copying, you could do a screen shot. Or use a cell phone camera.

If you were to use a secured portal, and not email as the vehicle, again there is nothing that is preventing the reader from doing any of the above.

Again, the best I can suggest is to encrypt and try to control the sharing of the public keys. Perhaps change the keys often.  But still, if a third party has the keys, gets the message, once they decrypt it back to plain text, what's to stop them from sharing?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 40587508
If you put it on my screen, I can copy it and you can't stop me.  Variations of this question have been asked many times before.  Nope.  Can't do that.
0
 

Author Comment

by:CGNET-TE
ID: 40589515
Thanks Sean and Dave.  I understand there's no stopping that kind of sharing.  To gain at least some minimal level of management of encrypted mail I'll suggest our client trial a couple of the document security services I've seen online.  I'll go ahead and close this case.
0
 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40589571
Glad to help, CGNET-TE. Let me know if I can help with anything in the future.
0
 

Author Comment

by:CGNET-TE
ID: 40589613
Ok, thanks Sean
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question