Is the encryption of the mail complicated? Not for us. We show you how to perfectly encrypt your emails for a secure correspondence!
Many Internet users find encryption of their e-mails unnecessary. But even if you never exchange sensitive data such as your account information or trade secrets via email, it is still worth encrypting your digital mail. Not only could the content of the email and attachments fall into the wrong hands, but a network criminal could hack into your entire account if you don’t protect it properly.
Mail encryption has played an even more important role than before. Companies must/must increasingly store customer data in encrypted form and/or only transmit it in encrypted form, or they can reduce the likelihood of a data breach and therefore also a fine by encrypting customer data.
Therefore, in this article we show how to encrypt emails securely, no matter which email provider you use.
What to encrypt?
To effectively protect your email communication, you must encrypt three things: The connection to your email provider, your emails, and your saved or archived emails. We will first outline the three relevant areas of connection encryption, mail encryption and archived/stored mail encryption before going into these three areas in more detail.
Encrypted connections: https alias SSL/TLS
If you leave your connection to your email provider unencrypted while checking or sending emails, other network users may simply steal your login details and view every message you receive or send. This problem occurs especially if you are using a public network, such as a wireless access point in a café or at the airport. But even at work or on private networks, an unencrypted connection can often cause problems. For this reason, all data exchange between your PC/browser/email client and the server of the other party should only take place via SSL connections (SSL/TLS).
Encrypt the emails: S/MIME or OpenPGP
Your emails are vulnerable as soon as they leave the mail provider’s server and start traveling over the Internet. Cybercriminals can intercept such messages as they travel from one server to another on the network. Anyone who encrypts their email before sending it with S/MIME or OpenPGP makes its content unreadable to these snoops. However, since May 2018, the e-mail gap has caused some concern here.
Encrypting saved emails
Do you store older e-mails, stored or archived on your computer or mobile device, for example through a client program such as Microsoft Outlook? Even then, a thief has an easy way to access your data, even if you have protected your device, operating system and even your email program with a password. Here again, encryption ensures that your messages are unreadable to unauthorized persons.
How to encrypt your email connection
To secure the connection between your email provider and your computer or mobile device, you must set up Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption, the same security scheme you use for banking and online shopping, for example. If you access your mail through a browser (whether on a desktop, laptop, smartphone, or tablet), take a moment to check that SSL/TLS encryption is enabled. If it is, the URL of the web page will begin with https instead of just http.
However, encrypted connections are now standard for mail services. Virtually all mail service providers offer their websites and therefore their online mail portals via https only; https stands for “Hypertext Transfer Protocol Secure”. This means that, according to the current state of the art, all data transferred between your browser and the web server are safe from unauthorized access in both directions. This means that you do not need to install any additional programs.
In addition to the already mentioned https at the beginning of the address line of the browser, you can usually recognize the presence of an encrypted connection by a green padlock symbol in front of the address line. If you click on the padlock symbol with the left mouse button, you will receive further information about the encrypted connection.
If you do not see an https address or other signs of encryption after logging in with your e-mail provider, simply type an s after the http in the address line manually and confirm with the Enter key. If your service provider supports SSL and TLS, this entry method will result in encryption of your current connection.
Then, browse your account settings – you may be able to set up automatic encryption for future logins. If you cannot apply encryption manually, check if your provider supports SSL and TLS. This is usually the case, at least with all common mail providers such as web.de, gmx, or Gmail.
If you use a client program such as Microsoft Outlook – or an email application on your smartphone or tablet – it’s a little more difficult to verify and set up the encryption. To do this, open your email program or application and navigate to the settings. Your account will probably be listed as POP/SMTP, IMAP/SMTP, HTTP, or Exchange. Look for an option to enable encryption; you’ll usually find it in Advanced Settings.
Roughly where you can also assign port numbers for incoming and outgoing connections. In Microsoft Outlook, for example, under “File, Account Settings, (double-click) your mail account name, Advanced Settings, Security.
If, for example, you use an Exchange mail account at work, there is a designated area for security settings. Here you can clearly see if the encryption/security option is enabled. If it is off, check with your mail provider to see if it supports encryption, and if not, consider switching to another provider.