Advertisment

Safeguard Your e-mail

author-image
PCQ Bureau
New Update

E -mails are the most preferred way of communication these days both on

personal and professional front. But, preventing your mails from being

intercepted and read is one of the major concerns these days as they might be

carrying your confidential information.

Advertisment

This problem can be dealt with the help of e-mail encryption tools. In one of

our recent security surveys, we found that e-mail encryption is going to be the

next big thing that a lot of enterprises are planning to implement.

E-mail encryption can be achieved at two levels: Gateway and Desktop. As the

names suggest, gateway level is implemented at the enterprise level. All e-mail

going out of the organization by all users are automatically encrypted. It it is

implemented at the gateway level of the organization. Desktop level e-mail

encryption is for individuals. In this, a user has the liberty to decide whether

to encrypt an e-mail before sending or not. In this article, we take a look at

one of the desktop level e-mail encryption solution called Secured eMail. This

needs to be installed at both the sending and receiving end points in order to

work. We'll tell you how to deploy it in your organization.

Direct Hit!

Applies To: E-mail

users



Price:
USD71 per license for 50-99 users



USP:
Encrypt outgoing e-mails



Primary Link:




www.securedemail.com


Google Keywords: E-mail Encryption

Advertisment

Secured eMail



This is an easy to use desktop e-mail encryption solution that uses 256-bit

Advanced Encryption Standard - Padded Hashed Message (AES_PHM) encryption

algorithm in Cipher Feedback (CFB) mode for encrypting mails. It's also used for

encrypting its databases stored on a local machine. For providing a secure

communication channel this software uses 'one time shared secret' between two

parties. One time shared



secret is the recipient's password and is unique for each contact.

You have to provide it to the recipient only while sending e-mail to him for

the first time, and that you can communicate to him either through an SMS or a

phone call. Once the recipient has entered it, he is no longer required to

provide it again.

Next time, when you send a mail to the same recipient, the software will

automatically encrypt it using the shared secret you provided for the first

time.

Advertisment
Secured e-Mail checks whether the

recipient whom an encrypted mail is being sent to is in the contacts list.

If not then it adds new recipients and provides a shared secret

Using Secured eMail with MS Outlook



You can install this software on Windows 2000/XP/2003 and it takes just a

few minutes to be integrated into your e-mail client. It supports Microsoft

Outlook, Lotus Notes 6.0 including their higher versions and has to be

installed at both sender's and receiver's end After installation is complete

you will see a new tab 'Send secured' for sending the mails through Secured

eMail client. To send an encrypted e-mail, just click on the 'Send secured'

button instead of the 'Send' button. However, at this point if you haven't

already added the contact to whom you are sending the mail into 'My Secured

Contacts' list, then a 'New Contact' window is launched. Simply, provide the

name of the contact.

Advertisment

Within the same window you also have an option 'Create a draft e-mail

containing contact information and the Shared Secret' to keep the shared secret

either for your reference or for the contact. But, this option is not

recommended as the shared secret in draft is not encrypted and if someone gets

access to your mail, he will be able to see that easily.

When recipient receives an encrypted mail, he has to provide the correct

shared secret, and then Secured email client will decrypt the mail and open it

in a Web browser. Instead of using your regular e-mail client, you can also use'

Secured eMail Reader' component of the software to read your



encrypted mails.

In case you are not convinced that the mail you are sending is encrypted,

here is a simple way that we used while testing the product. Install any

protocol analyzer such as WireShark on your machine from which you are sending

secured mails and capture all SMTP packets.

Advertisment

Now, when you send an encrypted mail, you can open packets using SMTP

protocol along with the title message body. Here, you can easily see that the

message body of the mail is encrypted. You can also send a normal mail (without

using Secured eMail software) through Outlook and capture SMTP packets. You will

be able to read all matter in the message body, whereas earlier when mail was

sent using Secured eMail, the message text appeared garbled.

By configuring the Archiving Options of

Secured eMail, you can archive all sent and received encrypted messages at

a desired location
This figure shows the dump of

message body packets of an encrypted e-mail intercepted using WireShark
Advertisment