email encryption

[Chris]

one of our client asked our users (a few) to exchange email using email
encryption. At this point, we don't know if they have a way to encrypt an
email and what kind mailing system they have. still checking. Assuming they
have nothing and we only want to make it available for a few users and easy
for the recipients to decrypt it. What will be the easiest way to achive
this? This is for both email body and any attachment. Cost is also an issue
but not a big concern since we are talking about only a few users. But need
to be aware in case we have to roll it out for more users. Also, what is a
good solution if we want to do it for the whole company?

Thanks.

 

[VanguardLH]

one of our client asked our users (a few) to exchange email using
email
encryption. At this point, we don't know if they have a way to
encrypt an
email and what kind mailing system they have. still checking.
Assuming they
have nothing and we only want to make it available for a few users
and easy
for the recipients to decrypt it. What will be the easiest way to
achive
this? This is for both email body and any attachment. Cost is also
an issue
but not a big concern since we are talking about only a few users.
But need
to be aware in case we have to roll it out for more users. Also,
what is a
good solution if we want to do it for the whole company?

Thanks.

Have whomever wants to *receive* encrypted e-mails go get an e-mail
certificate. You can use the Security tab in Outlook's options to get
one, or get them for free at Thawte (which Verisign acquired but the
Thawte certs are still free but only identify the sender by their
e-mail address). Then that user sends a digitally signed e-mail to
whomever they want to receive encrypted e-mails. The sender then uses
the public key in that cert that they saved to encrypt their e-mail
and sends it back to the original person wanting encrypted e-mail.
The recipient uses their private key (that no one else has) to decrypt
the message.

If you want to send encrypted e-mail, you need to get the public key
for the recipient's e-mail certificate. You get it by having that
recipient give you permission to send them encrypted e-mail which is
accomplished by them sending you a digitally signed e-mail (which
gives you their public key).

If they want to receive encrypted e-mail, they have to give you their
public key. They do that by sending you a digitally signed e-mail.
You then save a record in your address book or contact folder so you
have their public key. You then use that record to send them an
encrypted e-mail that used their public key.

The only person that has the private key is the one that obtained the
e-mail certificate for themself. That way, one, dozens, or hundreds
of other users might have the public key but only the cert owner has
the private key. The e-mails encrypted using the public key cannot be
decrypted without the private key, and only one person has that.