In the modern world, sending information through emails is what keeps most businesses afloat in their day-to-day activities. Emails contain confidential information such as business plans, contract bids, company records, trade secrets, marketing strategies, and other private data.
Most email messages travel long distances through a range of networks, either monitored and unmonitored, secure and insecure, passing through different servers across the Internet too. This means that someone can pretty much access any of these servers or use a packet sniffing tool to read your email messages.
For this reason, you should encrypt your emails to ensure they are secure. Microsoft Outlook allows for email encryption where it is converted from the plain text that is readable to twisted encrypted text. It means that only the receiver who possesses the private key that completely matches the current public key in the encrypted message can access the message.
If the recipient doesn’t have the private key, they will see a message shown below:
"This item cannot be displayed in the Reading Pane. Open the item to read its contents."
If you try to open the message. A dialogue box with the message below will pop up:
"Sorry, we're having trouble opening this item. This could be temporary, but if you see it again, you might want to restart Outlook. Your Digital ID name cannot be found by the underlying security system."
To ensure your email is secure, it’s recommended to encrypt two key things: the email messages and the connection from the email provider.
Email Connections Encryption
When the email connection from the email provider is left unencrypted when sending email messages, it poses a risk of cyber attacks. To ensure other people do not hijack your connection, you need to encrypt it using secure socket layer (SSL) or transport layer security (TLS). Whether you’re using Outlook or any email app, the process of incorporating SSL/TLS encryption is similar.
To do this, follow the step below:
- Open your Outlook program or app and go to the menu. Your account will be named either as HTTP, IMAP/SMTP/POP/SMTP, or Exchange account.
- Click the “Advanced” section and set it to use SSL/TLS encrypted connection for any incoming and outcoming emails.
- Check the box with the text “This server requires an encrypted connection (SSL/TLS).” This should move to port 995.
- From the menu, ensure you select the text “Use the following type of encrypted connection” and ensure the outgoing services (SMTP) is at 465.
- Hit the “OK” button and go back to the main menu then click Next. You should see a message that shows “View Certificate.” Click on it
- Set it to “Install Certificate.” This option helps to import the certificate once you are through with the process.
Now you have setup SSL/TLS connections which are fully encrypted, and you can continue to send and received emails securely.
Email Messages Encryption
When emails are encrypted, it becomes easier to reduce the increased cases of cyber crimes. Individuals can encrypt their messages using an app or program that protects their confidential information such as passwords from access by third-party software.
To send encrypted emails, you require a full the following:
- An email client on your machine ( in this case we shall use Thunderbird with an Enigmail extension)
- Software that can generate a public key and manage it (in our case we will use GnuPG software)
- A plug-in for email encryption
For email client, Thunderbird is a good option, and it’s easier to use. It’s the official Mozilla’s email program that can be downloaded from their website. Thunderbird features secure storage of sensitive data with low costs for email messages.
To start sending and receiving emails, you need to configure this software to your system.
- Launch Thunderbird on your system, and you will see a pop up requiring you to include an email address.
- Type your existing email, and the software will configure automatically and retrieve any data from the mail servers.
Pretty Good Privacy (PGP) protocol is used in Thunderbird to ensure emails are encrypted on both ends. In this case, the emails are secure from the sender, and only the recipient can decrypt it.
You also need GnuPGP which is a software that generates an essential pair of keys to manage your encrypting keys. You need to download the software for windows.
Here is how to combine it with Thunderbird.
- Start by running the GPGP installer which assigns the GnuPGP under the Programs Files directory.
- Download Enigmail extension then in your Thunderbird software go to Tools >Options >Extensions >Install New Extensions, then select the Enigmail extension file.
- Restart Thunderbird to install it with Enigmail and you will get a menu item (OpenPGP). Click on it and go to Preferences. You will see a dialog box on the GnuPGP. Then click browse to install it.
- Go ahead and generate a public and private key. On the OpenPGP menu, select Key Management. Then select New Key Pair, type your email for the new key, set your passphrase, and click the “Generate Key” button. This may take a while before the set of keys are generated.
Once the process is done, you can generate your “revocation certificate” and ensure you save it. When you’re done, you can go ahead and send encrypted emails without worrying about hackers who may access it.
To discover the PGP key of someone else:
- Go to the OpenPGP menu then and select Key Management.
- On the Keyserver section, click Search to search for PGP user either by email address or name.
- Once you find it, it will be easier to send them an encrypted mail.
If you don’t authenticate your email with a key pair or if someone going through your emails on the server, the message will be as follows:
Only the person with a private key can successfully decrypt this message and show clear information.
Now you can create encrypted emails and nobody will access them unless you authorize it. Stay safe and ensure your emails are secure.