This IT-Director.com story is a straight forward look at two approaches to e-mail encryption. Gateway-to-gateway encryption, as the name implies, only mixes messages as they enter or exit the enterprise. The other approach scrambles the data via software in the client device.The fullest approach is to encrypt in the client, since that means that the data will be secure while in the enterprise. This is good since there is no guarantee that employees are honest or, in the case of wireless devices, people with bad intentions aren't sniffing the airwaves.
The writer acknowledges that endpoint-to-endpoint e-mail encryption is more difficult to implement than the gateway-to-gateway version. However, there are ways to do this that are invisible to end users and can be integrated with corporate security policies. Thus, for instance, the system can be programmed to look for specific keywords in outgoing e-mail that could suggest a particular problem, such as employees sending out sensitive data.
Apparently, there is more than one opinion on where email encryption is best located. Last week, PGP upgraded the encryption tools for its Universal Gateway E-mail product. eWEEK describes the new features, which are called PDF Messenger and Certified Delivery. The upgrades -- available later this year -- allow delivery of encrypted PDFs that can be opened using standard readers, the story says. Another new feature logs successful deliveries. The story says that a key advantage of PGP's product is that it works with any e-mail system.
Also last week, Cisco's IronPort Systems introduced what it describes as fully integrated data loss prevention and encryption capabilities for e-mail. The press release says that the new system marries traditional e-mail security procedures -- such as spam and virus filtering -- with policy creation, content scanning and message encryption and quarantining and/or archiving. The system is client-based.
A bit of context is available from in this Dark Reading piece. It says that a decade ago e-mail encryption was not done much because of its complexity. It now is becoming a bit more common, especially among organizations in heavily regulated industry. One such organization is UT Southwestern Medical Center in Dallas, which just signed a three-year contract with ZixCorp for e-mail encryption for 5,000 users.
Identity-based encryption, the piece says, is available from companies such as Voltage Security and Identum. E-mail encryption services -- as opposed to products -- include Goodmail and Yahoo. The story also describes the upgrade to the PGP product.
E-mail encryption will gradually grow as it becomes easier and the risks of unprotected messages become more dire. It will be interesting to watch whether client- or gateway-based products predominate -- or whether the two approaches share the market equally.