In previous blogs, we’ve covered the common types of security risks we face with emails. Now, we need to understand the ways and various technologies that are available to us to ensure secure and safe digital communications. Let’s review them.
1. Email Authentication Protocols
Email authentication protocols like Domain-based Message Authentication, Reporting & Conformance (DMARC). DMARC is an email authentication, policy, and reporting protocol built on two widely deployed protocols, Sender Policy Framework (SPF) and Domain Keys Identified Message (DKIM). DMARC enables users to monitor your domain/organization identity for any kind of spoofing attack.
2. Email Encryption Protocols
Email encryption protocols like Secure/Multipurpose Internet Mail Extensions (S/MIME), not only sign the emails for their authenticity, but also can encrypt the same to ensure access is limited to authorized individuals.
S/MIME is a widely accepted protocol for sending digitally signed and encrypted messages. S/MIME is a Public Key Infrastructure (PKI)-based technology which uses asymmetric cryptography, comprising a pair of mathematically related keys– a public key and a private key. It is computationally impossible to determine the private key based on the public key.
Emails are encrypted with the recipient’s public key and that email can only be decrypted with the corresponding private key, which is in the sole possession of the recipient. Unless the private key is compromised, you can be confident that only your intended recipient will be able to access the sensitive data in your emails.
Encrypted emails are much safer since they can only be decrypted by the email gateway. While digital certificates ensure that emails are well-protected in transit to a server, emails at rest - or in transit elsewhere – are hackable. Knowing that cyber criminals will do whatever it takes to grab data, a stronger form of protection is necessary to protect email. That protection is S/MIME.
3. Pretty Good Privacy (PGP)
Pretty Good Privacy (PGP) is good for plain text, emails, files, and directories encryption. It also costs less than S/MIME and can be effective in case the usage is mainly personal/or for small businesses. But for large organizations it is not the best choice. S/MIME is much more equipped for this since it can easily process multimedia messages, and is more efficient due to centralized key management.
4. GNU Privacy Guard (GPG)
GNU Privacy Guard (GPG) is an open source (free) solution that provides two basic functions. It encrypts messages between two parties without the need to agree on external data such as a password. GPG verifies that a message was sent by the person who claims to have sent it.
The main difference where S/MIME stands out from protocols such as PGP and GPG, is the additional layer of security it offers via a certificate issued through a trusted certificate authority, that ensures timely compliance modification governed by various forums around the world. This in turn, makes it the first choice for institutions with varying high degree of security needs like defence and financials sectors.
Staying On Top Of Security
These are just some of the various methods that help protect email communications. However, it is abundantly clear that as much as organizations do their best to stay on top of their security, hackers are unfortunately one step ahead by finding new methods of bypassing email security placeholders.
For example, using file sharing cloud services like OneDrive, hackers can include links in emails under drives/cloud storage which appear to be legitimate websites. When a user clicks on the webpage and downloads a document, then boom! You are exposed to an attack that could lead to ransomware and then possibly a data breach. For example, let’s say you receive one email from an attacker, and in that email you see a link of file sharing services. As this link originates from this drive, you might think it is safe to check out. However, that is likely not the case. As many of these services are free, it is not difficult for attackers to place corrupted files in them. Furthermore, as soon as you click or download these files, there is always the chance your system could wind up becoming infected.
Threat actors also well know that corporate portals and intranets – which nobody usually pays any attention to – are also excellent targets.
Various email security solutions can help prevent initial attacks. However, we all have a responsibility to do our best to keep email secure -- and that means we need to think twice before clicking on any links and checking emails from unfamiliar addresses. In addition, companies must install as many safeguards as possible to lessen the possibility of hackers getting through in the first place. Using technology such as PKI-based S/MIME, and other the other technologies discussed here, are a good place to start.