It depends what you think the risk is. Are you protecting internal emails between staff? External emails to trusted (known) partners? External emails to anyone?
For external, TLS is the easiest answer if your threat is mail in transit. Opportunistic should just be set anyway. Mandatory would be between agreed organisations. There are mail gateway appliances you can buy which can define policy based encryption too. For internal and the ability to email anyone, anywhere with encryption, you may want to look at S/MIME or PGP Mail. Fairly straightforward, but you will have a user education piece to go with it! This is the only way of ensuring user to user encryption rather than just in transit. And no, it’s not all that paranoid at all. In fact, most regulated industries have been doing one or all of the above for a long time … ☺ a CLS Classification: Confidential Information This email was classified by Davies, Alan on 26 February 2015 09:31:19. From: [email protected] [mailto:[email protected]] On Behalf Of Kennedy, Jim Sent: 25 February 2015 20:10 To: Micheal Espinola Jr Subject: RE: [Exchange] Email encryption It helps to a certain point. I just don’t think with all the government data dumps being done that we have any real privacy on the net anymore. So your encrypted email is only as good as the various governments that are copying it and storing it currently. So probably pretty good and worth the effort, but not as good as perhaps your users think it will be. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Steve Ens Sent: Wednesday, February 25, 2015 2:58 PM To: Micheal Espinola Jr Subject: Re: [Exchange] Email encryption Tell me more Jim, why are you cynical? Because they can get in anyway? Or what? On Wed, Feb 25, 2015 at 1:47 PM, Kennedy, Jim <[email protected]<mailto:[email protected]>> wrote: They are right, but encryption won’t help. I suggest written notes sent via trusted employee with said employee videotaping the recipient eating the message after reading it. Then shooting the delivery guy when he gets back. Sorry, couldn’t resist. My cynical hat is on today. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Steve Ens Sent: Wednesday, February 25, 2015 2:18 PM To: Micheal Espinola Jr Subject: [Exchange] Email encryption The news gatherers think that their messages are highly sensitive and don't trust regular email any longer. Is anyone encrypting? What is the preferred method? This is new to me. Thanks Steve ************************************************************************************ WARNING: This message contains confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mails are not encrypted and cannot be guaranteed to be secure or error-free, as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of this e-mail transmission. If verification is required, please request a hard copy version. "CLS Services Ltd x Registered in England No 4132704 x Registered Office: Exchange Tower x One Harbour Exchange Square x London x E14 9GE"
