Email is perhaps the original “killer app,” an application so effective and easy to use that it sparked the rise of the personal computer and the spread of the Internet. Today it is the de facto standard for business communication with more than 4 billion email accounts worldwide generating nearly 200 billion messages every day. However, security and privacy have never been among email’s better features.
Because emails are predominantly transmitted in plain text form, they are prone to data theft and data leakage. Email data breaches were the main cause of critical data loss in financial, legal and professional firms in 2017, according to Infosecurity Magazine.
Email encryption software can help protect the confidentiality and integrity of email messages and attachments while in transit or in storage. Encryption effectively “scrambles” data, which cannot be read without access to the correct encryption key. As a result, encryption can dramatically reduce, if not eliminate, the risk of data loss or theft.
Although the technology has been around for decades, it has never achieved widespread acceptance. Solutions such as Pretty Good Privacy and Secure MIME are effective but have a reputation for being very difficult to use. Most people struggled with encrypting and signing messages, finding and verifying other people’s public encryption keys and sharing their own keys.
Microsoft is taking steps to change that. The company recently announced a series of new security measures for its Outlook email platform, including an end-to-end encryption solution. Users will be able to turn on a feature that sends messages through a secure connection, shielding them from cybercriminals and hackers.
The features will appear on Outlook.com once you create a new message. An “encrypt” drop-down menu resides next to the Attach button, and it provides options to simply encrypt the message, or encrypt and prevent forwarding.
Outlook.com email recipients who view the encrypted email in Outlook.com, the Outlook for iOS and Android app, or the Windows Mail app can read and reply just like they can with any other email— no extra steps needed. Users without an Outlook account receive a link to a trusted webpage where they can choose to receive a one-time passcode or re-authenticate with a trusted provider before viewing the email.
When composing an email, Outlook will detect sensitive information such as Social Security numbers and will generate a suggestion to send with encryption. You can also restrict recipients from forwarding or copying emails sent from Outlook.com. Additionally, Microsoft Office documents you attach to these emails are encrypted even after downloading, so if the recipient shares or forwards your attachment, the recipient of the forwarded email will not be able to open the attachment. Emails sent with the “prevent forwarding” option are also encrypted.
Email may be crucial to your day-to-day operations, but it has also become one of the main sources of data leakage. Despite the risk, most organizations have chosen not to employ available encryption solutions because of the complexity and inconvenience of managing individual and group policies and encryption keys. With the new end-to-end encryption tools in Outlook, Microsoft has taken a big step in improving the privacy of email messaging.
