Given all the interest in enhanced data security, a new reporting service may open some eyes in terms of the level of security being provided by Internet service providers (ISPs).
Developed in conjunction with Twitter, the Email Privacy Report tool from Message Systems promises to make it easier for IT organizations and end users alike to identify the security protocols and encryption levels that any ISP has put in place.
Message Systems CEO Phillip Merrick says the reporting tool will be permanently available via Twitter. The goal of its creation, though, is to get more ISPs to voluntarily support STARTTLS text encryption protocols to drive further development of industry-wide standards.
Merrick notes that many ISPs don’t encrypt email traffic at all. In fact, email that starts out encrypted may wind up being not encrypted as it moves between an ISP that supports encryption and another that doesn’t. Given the number of peering agreements that ISPs rely on to share email traffic, the probability that your email at some point winds up becoming unencrypted is fairly high.
Message Systems, which counts Pinterest, Zillow, Facebook, LinkedIn, Twitter, Groupon, Salesforce, Marketo, Oracle, Comcast, Time Warner, AT&T and American Express among its customers, sends over 3 trillion collective messages a year, which the company claims is more than 25 percent of the world's legitimate email.
Naturally, encryption in and of itself might not stop cybercriminals working on behalf of a nation state. But in terms of guaranteeing higher levels of security from the average cybercriminal, encryption is still one of the best defenses. Of course, if some ISPs don’t support encryption, then IT organizations might want to start taking steps to make sure their email traffic is permanently routed around those ISPs.