Google's Transparency Report shows just how much email encryption has evolved over the last decade. In 2013, only 30% of inbound emails were encrypted. Now, that figure is as high as 89% (as of August 2021) for TLS encryption that protects emails in transit.
While the TLS protocol is a great first step, there's more to encryption than this – additional security tools can ensure all bases are always covered. It's clear how important it is to encrypt an email, but, in practice, how does it look?
How to send and receive encrypted emails
It's tricky to encrypt something manually and would be a real barrier to entry for employees if this was the only way. Organisations can automate the encryption process using the right tools and software, taking these security decisions out of the user's hands.
Any time an employee wants to send an encrypted email, it gets routed through software that ensures compliance and security. This software can encrypt messages in different ways. The first is by assigning a public key when a user sends a message. The intended recipient uses a private key assigned by the software, which allows them to open the encrypted message.
Other security protocols, including transport layer security (TLS), may be added, protecting the email in transit. Most users won't notice any difference in sending and receiving an email as the technology handles everything.
Sometimes, if a message is sent outside the organisation or sensitive information needs additional security, the recipient may need a password or secure link to open the email. This protocol ensures that all emails are secure, no matter whom they are sent to (or come from).
Key encryption differences between Gmail and Outlook
All email providers have slightly different encryption methods, and not all offer the level of security many organisations need. Gmail, for instance, sends emails with TLS encryption, but this only works if the recipient's email service also supports this protocol. Gmail also has a confidentiality feature that adds a password to the email while preventing downloading and forwarding.
There are, however, several ways to add additional security to Gmail using Chrome plugins. While these allow you to encrypt a message so only the recipient can read it, you'll need to give the third-party plugin full read access to your email. That, in itself, can be a vulnerability.
With Outlook, there are a few more encryption tools built-in and the ability to install add-ons. One way Outlook allows you to encrypt emails is through S/Mime, which uses certificates to encrypt emails. That works well if both the sender and recipient have installed and shared their certificates, which are simple for Outlook users. Though, if a recipient doesn't use Outlook — or another S/Mime compatible service — this encryption won't work.
Another method is to use Office 365 Message Encryption, which is only available to Office 365 email users. For messages to be encrypted, both the sender and recipient need Outlook and an Office 365 subscription.
Outlook add-ons perhaps provide the most secure and easy-to-use solution. Egress Protect, for example, adds additional encryption and authentication tools while also being easy to use for both senders and recipients.
The benefits of using a more sophisticated solution
Upgrading to a more secure solution doesn't have to be complex. Asking one system to handle your email security needs is possible and increases both security and compliance. The simpler the tool, the more likely it is that employees will use it; this increases security and protects against data loss.
Encrypt at rest and in transit
Egress Protect offers a more sophisticated solution that encrypts emails both at rest and while in transit. It fully integrates with Outlook and Office 365, too. As well as vigorous message-level encryption and rights management, there are audit features built-in to help with compliance. The software also complies with industry standards and has been accredited by both governments and industry bodies.
In order to make encryption as easy as possible for users, Egress Protect's flexible authentication techniques support a recipient's requirements. That removes friction while keeping your sensitive information secure. The Egress app allows users to secure sensitive content from their smartphones when away from their computers to increase this flexibility.
For recipients who might be outside the business network, Egress makes it easy to reply securely to an encrypted message. There's no need for trusted partners to have an account or subscribe to an additional service. Once again, this reduces friction, making it easier for your company to send and receive encrypted messages.
Encrypting emails will keep them safe from hackers, but it won't get used if the encryption service you use isn't simple for employees. By offering straightforward, flexible solutions for sending and opening encrypted emails, the uptake of it by your users will be greater.
Found this article helpful? Check out our email encryption info hub for plenty more.
How do I open my encrypted email?
Opening an encrypted email depends on you, as the receiver, having the correct information to unlock it. That varies across platforms and providers. Some simple solutions might require a password to view the email, while others use certificates and other tools to authenticate who you are.
How do I send and receive encrypted emails?
Sending a secure email from your work email address should, theoretically, be easy — the option to send it with encryption is likely a clickable option on your email platform (such as Outlook, for example). If your business doesn't have a dedicated server with encryption, you can add extensions or apps that will take on the job of encrypting your emails.
Can anyone open encrypted email?
Only those with the correct private key will be able to open an encrypted email, as this is what authenticates the recipient and allows them to decrypt the message. The idea is that only the intended recipient can open the email and read its contents. Even someone who mistakenly receives the email won't be able to open it.