Solved

secure external email with information rights management

Posted on 2015-02-03
8
161 Views
Last Modified: 2015-02-04
We have a client requesting email protection to prohibit copying, printing, forwarding of message content for messages sent to external destinations. They are using a rights management solution that works only internal to their organization and want this protection for external mail as well.  

We understand this is a difficult problem and that there is no complete solution, ie no real protection against third-party screen captures, imaging devices, etc, .  We are simply hoping for some feedback on some of the better solutions or partial solutions for external email protection available  at this time.

Thank You,
kc
0
Comment
Question by:CGNET-TE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 5

Accepted Solution

by:
Sean Jackson earned 250 total points
ID: 40587052
The best solution I would suggest would be to encrypt the messages before they're sent out, and then make sure the public keys are shared only with the intended recipient.  It's not possible to completely lock this down.
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 250 total points
ID: 40587150
I don't think what they want is even possible much less available.  If they send a message to an email client that isn't controlled their software, then they can't prevent anything at all.  If you send me a message, you can't stop me from doing whatever I want with it because I'm not using your software.  

As a matter of fact, if you send me a message and then try to 'reach' into my computer to control what I do with it without my express permission, you have broken at least one and probably several federal laws.
0
 

Author Comment

by:CGNET-TE
ID: 40587382
I appreciate your comments and understand that the problem is impossible to solve.  What I’m hoping is to find a solution which will make the unwanted copying or forwarding of the content more difficult, enough, for instance, to protect from careless or unintentional forwarding of the data.  It might be a web-based solution, such that the intended recipient of the encrypted message can only open it from a secured portal which tracked the viewing as well as made the sharing of the content more difficult.  If anyone has had any experience with any of these kind of solutions, we would appreciate some feedback.
0
Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40587425
We're trying to tell you there is no solution that will do what you're asking. Should I employ some supposed technique and send you an email, what could stop you from copying the data to another medium (text pad as the simplest example)? Once done, what would stop you from sending the data to whomever you wished? You wouldn't have to say it was from me, you could claim authorship.

What could make any of the above more difficult? If you can read it, you can do whatever you want. Even if there was something preventing the copying, you could do a screen shot. Or use a cell phone camera.

If you were to use a secured portal, and not email as the vehicle, again there is nothing that is preventing the reader from doing any of the above.

Again, the best I can suggest is to encrypt and try to control the sharing of the public keys. Perhaps change the keys often.  But still, if a third party has the keys, gets the message, once they decrypt it back to plain text, what's to stop them from sharing?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40587508
If you put it on my screen, I can copy it and you can't stop me.  Variations of this question have been asked many times before.  Nope.  Can't do that.
0
 

Author Comment

by:CGNET-TE
ID: 40589515
Thanks Sean and Dave.  I understand there's no stopping that kind of sharing.  To gain at least some minimal level of management of encrypted mail I'll suggest our client trial a couple of the document security services I've seen online.  I'll go ahead and close this case.
0
 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40589571
Glad to help, CGNET-TE. Let me know if I can help with anything in the future.
0
 

Author Comment

by:CGNET-TE
ID: 40589613
Ok, thanks Sean
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question