Monday, April 04, 2005
Protecting confidential email: some of the contenders
The mainstream email programs have allowed you to electronically scramble ("encrypt") your email for years. It's never caught on because the process was always too involved and too error-prone.
The new trend is for computers to encrypt and decrypt the email without involving you.
Messagelabs has a product designed for exchanging email between your company and a few known partners. Inside your firewall or your business associates's firewalls, the email is readable but whenever the MessageLabs software sees email leaving your network destined for a domain it knows about, it encrypts the transfer using some respected industry-standard techniques.
That makes sense if you're more worried about wiretapping than you are about losing control of your email once it's sitting on your network.
PGP Universal is the grand old man of this industry. The company has over a decade of experience with email security.
Ciphire, if I understand their web site correctly, catches your email on its way to the mail server and encrypts it before it ever hits the wire. That's good security. I worry about reliability. Ciphire was clueful enough to pay for a security review by respected expert Bruce Schneier, who found some ways that Ciphire employees might eavesdrop on your email if they were to turn dishonest but concluded that it was reasonably secure against the rest of the world.
|
The new trend is for computers to encrypt and decrypt the email without involving you.
Messagelabs has a product designed for exchanging email between your company and a few known partners. Inside your firewall or your business associates's firewalls, the email is readable but whenever the MessageLabs software sees email leaving your network destined for a domain it knows about, it encrypts the transfer using some respected industry-standard techniques.
That makes sense if you're more worried about wiretapping than you are about losing control of your email once it's sitting on your network.
PGP Universal is the grand old man of this industry. The company has over a decade of experience with email security.
Ciphire, if I understand their web site correctly, catches your email on its way to the mail server and encrypts it before it ever hits the wire. That's good security. I worry about reliability. Ciphire was clueful enough to pay for a security review by respected expert Bruce Schneier, who found some ways that Ciphire employees might eavesdrop on your email if they were to turn dishonest but concluded that it was reasonably secure against the rest of the world.
# posted by Frederick @ 9:01 PM Email to a friend:
Haloscan: they provide trackback