4 misconceptions about safe email

The European General Data Protection Regulation (GDPR) has made privacy protection an important agenda item for every company. Risk analyses almost always identify email traffic as a very risky area. In the meantime, however, I often encounter organisations that are quite sure that they have their email traffic safe and under control. They think that using some sort of encryption will automatically result in safe email. In this blog post I explain why they are still taking a risk.


Why is regular email unsafe?


For those unfamiliar with how email works, I will give a short introduction on why it is unsafe by default. Email arose in the sixties, when privacy and security were relatively unknown terms. Originally, emails were sent unencrypted. This is similar to putting a letter in an envelope without closing it. Both the mailman and employees at the post office can read your letter without you being aware of it.


Someone could say: “Why don’t you just close the envelope?” That is the reason why the email protocol has been extended with support for encryption, known as ‘STARTTLS’. However, because traditional email still has to be supported, the encryption works as follows: if you want to send your message encrypted, your server asks the receiving server whether it supports encryption. If the answer is ‘yes’, the receiving party receives an encrypted message; if the answer is ‘no’, your message is sent without being encrypted. The problem here is that the question itself is asked unencrypted! Malicious people can intercept this question by using a so-called “active man-in-the-middle attack” and answer the question with ‘no’. The message is then sent unencrypted and they have access to it.


You could decide to refrain from sending a message once the answer is ‘no’, but how DO you get your message safely to the real recipient?
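The choice described above, between falling back to cleartext and refusing to send, shown as an added example that is not part of the original post. The EHLO replies are constructed, and the `TLS_REQUIRED` set of domains is a hypothetical policy input.

```python
from dataclasses import dataclass

# Constructed EHLO reply from a receiving server that supports encryption.
EHLO_WITH_TLS = (
    "250-mx.partner.example greets you\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
# The same reply as the sender sees it when the STARTTLS line is missing.
EHLO_WITHOUT_TLS = EHLO_WITH_TLS.replace("250-STARTTLS\r\n", "")

# Assumption: domains for which the sender refuses to fall back to cleartext.
TLS_REQUIRED = {"partner.example"}


@dataclass(frozen=True)
class Decision:
    send: bool
    encrypted: bool
    reason: str


def parse_ehlo(reply: str) -> set:
    """Return the upper-cased extension keywords of a 250 EHLO reply."""
    lines = [ln for ln in reply.split("\r\n") if ln]
    if not lines or any(not ln.startswith(("250-", "250 ")) for ln in lines):
        raise ValueError("not a successful EHLO reply")
    # Line 1 is the greeting; every later line begins with one keyword.
    return {ln[4:].split()[0].upper() for ln in lines[1:] if ln[4:].strip()}


def decide(domain: str, reply: str, required=TLS_REQUIRED) -> Decision:
    """Choose between upgrading, falling back to cleartext, and deferring."""
    if "STARTTLS" in parse_ehlo(reply):
        return Decision(True, True, "upgrade with STARTTLS before MAIL FROM")
    if domain.lower() in required:
        # The sender cannot tell "not supported" from "answer was altered".
        return Decision(False, False, "no STARTTLS offered: defer, do not send")
    return Decision(True, False, "no STARTTLS offered: cleartext fallback")


if __name__ == "__main__":
    for dom in ("partner.example", "other.example"):
        for reply in (EHLO_WITH_TLS, EHLO_WITHOUT_TLS):
            print(dom, decide(dom, reply))
```
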


How can you safely send your emails?


To safely send information by mail you have the following solutions:


1. Build trust between mail servers:

One of the ways to do this is by using certificates, VPN tunnels and DANE. DANE is the standard option and has our preference over the other two solutions, which are maintenance-intensive and error-prone. A disadvantage of this option is that, in order to build trust between servers, you need action on both sides of the line. This is doable when you are dealing with a few important partners. However, as you can imagine, this solution is not very practical, since almost every organisation has conversations with at least a hundred different parties.


2. Encrypting your messages with PKI-systems:

PKI (public key infrastructure) systems, like PGP, presume encryption of messages using a key that is in possession of the receiving party. Decryption can only happen if you have this key. A disadvantage of this option is that every receiver needs to have their own keys created and use the same PKI system as the sender. As you can imagine, for the ‘regular’ email user this solution is way too complicated.

3. Send your message with 2-factor authentication (2FA):

2FA is known to almost everybody. Maybe not as a term, but everyone is using it: for instance, that extra SMS message you get when you want to do some online banking, or the extra code you have to use when you want to log in at work (read our blog about 2FA). It is called 2-factor because it assumes using ‘something you know’ and ‘something you have’, for instance a password and your mobile phone or a token. Using 2FA can make your email safe. The question, however, is: how do you make the receiver use the second factor? This is impossible to do with regular email. You will have to encrypt messages with some kind of code (by using 7-zip or Cryptshare, for instance) and send SMS messages to the receiving party. Since it is unrealistic that your own employees are going to do this, you have to find a supplier that makes this all possible.



The reason why your mail is currently NOT safe


The solutions described above are at the moment the only alternatives for sending safe messages. Knowing this, at this point of the article I want to share some of the misconceptions I often encounter during my work:


‘We have installed TLS on our server’. This is very sensible and will for sure result in the major part of your email safely reaching the mail server of the receiving party. I often hear people claim: ‘we safely deliver 99.2% of our messages via TLS’. Very good! However, this figure has been measured afterwards. As I have described earlier in this article, since it is impossible to enforce TLS, you are dependent on the receiving party answering ‘yes’ to your question whether or not it supports TLS. You still run the risk of bad people answering ‘no’ to your question. This does not happen that often, but TLS does not lower the risk either.
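A percentage measured afterwards does not say which deliveries went out in the clear. The following added example (not from the original post) works on a constructed delivery log in an assumed format and separates domains that never used TLS from cleartext deliveries to domains that had used TLS before, which are the ones worth investigating.

```python
# Constructed delivery log: date, recipient domain, whether the session used TLS.
LOG = """\
2018-03-01 partner.example tls=yes
2018-03-01 legacy.example tls=no
2018-03-02 partner.example tls=yes
2018-03-02 clinic.example tls=yes
2018-03-03 legacy.example tls=no
2018-03-04 partner.example tls=no
2018-03-05 partner.example tls=yes
2018-03-05 clinic.example tls=yes
"""


def parse(log):
    """Yield (date, domain, used_tls) for every non-empty log line."""
    for line in log.splitlines():
        if line.strip():
            date, domain, flag = line.split()
            yield date, domain.lower(), flag == "tls=yes"


def tls_share(log):
    """The aggregate figure: fraction of deliveries that used TLS."""
    rows = list(parse(log))
    return sum(tls for _, _, tls in rows) / len(rows)


def downgrades(log):
    """Cleartext deliveries to a domain that had already accepted TLS."""
    seen_tls, hits = set(), []
    for date, domain, tls in parse(log):  # log is in chronological order
        if tls:
            seen_tls.add(domain)
        elif domain in seen_tls:
            hits.append((date, domain))
    return hits


def never_tls(log):
    """Domains with no TLS delivery at all: likely a server without TLS."""
    rows = list(parse(log))
    return {d for _, d, _ in rows} - {d for _, d, tls in rows if tls}


if __name__ == "__main__":
    print(f"TLS share: {tls_share(LOG):.1%}")
    print("investigate:", downgrades(LOG))
    print("no TLS support seen:", sorted(never_tls(LOG)))
```
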

‘We have installed DKIM and SPF’. Very clever! This option does assure the receiving email server that messages are being sent by you and not by anyone posing as you (also known as spoofing). This option does NOT ensure that your messages safely reach the intended audience. The content is not encrypted and is still susceptible to a man-in-the-middle attack.

‘We have already taken care of this with Office365’. Office365 also claims to support encrypted messaging. It is a bit hard to uncover what this function contains. In general it means that you as an admin can decide when encrypted emails have to be sent. The fact that this is not regularly the case gives an indication that this statement looks better than it is in reality. It means that your messages will be encrypted when you are sending them to other users of Office365. Other intended audiences, however, will receive a notification message. This message contains a link; after they have clicked this link, they receive another message containing a code that they can use on the webpage. The admin has to create these rules and decides when a message is encrypted and when it is not. In practice this results in all kinds of questions and complaints.

‘We send our email only from our own portal’. Loosely translated: we have created our own environment in which people have to log in in order to communicate with each other. That does sound a lot better, doesn’t it? The first question that arises is: did the developers do a good job in creating a safe and secure system? Have they been certified, audited and transparent in the results of their security tests? I haven’t seen many.


Another problem is that this kind of solution asks users to change their behaviour. They can’t email anymore as they did before but have to do so in a new environment. This is manageable for employees, but for ‘guests’ this is not very user-friendly or easily accessible. Before you know it, people are using detours like private email, or simply avoiding the system, with all the consequences that entails.

All of these solutions have another restriction: they only ensure that no one will read the content of your message before it reaches the server of the intended audience. The biggest problem with email is not that the ‘door’ is not safe, but that really weak passwords are often being used. In other words, you never know if only the intended audience has access to the account.

This leads to my conclusion that really safe email is only possible if the sender chooses a solution with 2FA. This is the only way to ensure that only the intended audience is able to read the message. Some organisations are a bit reserved when it comes to 2FA, as they are afraid that the recipient might not understand 2FA. Fortunately, 2FA is increasingly being used. Let’s hope that it gets adopted in standard protocols, putting the misconceptions mentioned above forever in the past. Although I have mostly mentioned the technical part of safe email in this article, more is needed to ensure safe email between organisations. During the first part of 2017, 42% of all data leaks in the Netherlands were caused by human error: someone sent something to the wrong person. In the health care sector this figure was even higher: 61%! The human part of email is as important as the technical part.

Regular mail, but safe!


Safe email is an important aspect of the new European privacy legislation (GDPR). Based on this legislation, a data leak can cost a company a huge amount of money. ZIVVER is a solution for safe email that is user-friendly and works with your own trusted email program. This way human errors are prevented, information is being encrypted and the control over sent information is still yours!
