Tip #2 – Sending secure email.
If you have privacy concerns, HIPPA compliance or other compliance requirements - it may be beneficial to send emails between two parties using encryption and digital signature technology. This Tech Tip describes how to setup encrypted emails between two parties using Outlook 2003 on Windows XP (the most common business platform today).
Detailed Steps:1. Each party must secure a digital certificate.. There are several places you can go to get digital certificates. We have tested the free email certificates available from C-O-M-O-D-O. For other options, you can take a look at Microsoft's recommendations. To get a COMODO certificate, click the link above and at the bottom of the page, click the link "Get your Free Secure Email Certificate now! (Internet Explorer only)". Fill out their profile info, deselect the "Opt In?" checkbox (unless you want their newsletter), enter a revoke password, then click "Agree and Continue". This will popup a scarry "Potential Scripting Violation" window. Click "Yes". This occurs because the website has told your Internet Explorer to request a certificate from them. You don't want just any website doing that and therefore the warning. The next thing that will happen is you should receive an email from Certificate Customer Services [secureemail@comodogroup.com] with the subject line "Your certificate is ready for collection". Open this email and click the button labeled "Collect and install certificate". This will open a new browser windows with a form where you should enter the email address you are registering and the "Collection Password" that is provided in the email. Now click "Submit & Continue". This will pop up another "Potential Scripting Violation" box - just click "Yes". That was the hard part and each of you only has to do this once. Now that you have your own certificate, you can exchange secure email with anyone else that has a certificate. 2. Exchange certificates with the person you wish to communicate with securely.. To exchange certificates, you send an email to each other containing your certificate. To do this, you open a new email in Outlook and click on the "Options" button (about 10 icons to the right of the "Send" button). On the "Message Options" window, click the "Security Settings" button (upper right). On the "Security Properies" window, click the "Add digital signature to this message" checkbox. Do not check the "Encrypt message contents and attachments" (that comes later). The "Send this message as clear text signed" should also be checked but not the "S/MIME receipt for this message". Click "OK". You have now digitally signed the message (which also means your digital certificate is attached to the message. The next step is to send this message to the person you want to exchange certificates with. When you receive their message and when they receive yours, you want to open the message and right click on their name or email address in the "To:" field and select "Add to Outlook Contacts". Now their certificate is saved on your computer. That is the last step in setting up the ability to exchange encrypted emails with a specific person. If you want to exchange encrypted emails with another person, they need to get a digital certificate (step 1) and then do step 2 with them. 3. Exchanging encrypted emails.. Once you have exchanged certificates, the hard part is done. All you have to do now to send a digitally signed, encrypted email to that person is to open a new email and look to the right of the Send button. Click on the blue lock icon. If you don't see that, click on the "Options" button (about 10 icons to the right of the "Send" button). On the "Message Options" window, click the "Security Settings" button (upper right). On the "Security Properies" window, click the "Encrypt message contents and attachments" checkbox and you can digitally sign it as well by clicking the "Add digital signature to this message" checkbox. |
What is encryption?
Encryption is a process whereby information is scrambled usually with a key or encryption code to make the information unreadable. To put the information back into a readable form, you have to have the decryption key.
If everyone had the same key, anyone could "decrypt" anyone else's email, that is why you share digital signatures (which contains your public key). They the message intended for you with your public key, then only you can decrypt the message with your private key. You never give out your private key.
Why would you want to send encrypted email?
Encrypted email is the only way to make sure that no one can intercept and read your email along the path between your computer and the destination computer. This includes anyone that at either endpoint network (for instance - your boss or IT person) or anyone that works at either of your ISPs (Internet Service Providers) or someone at one of the Internet routing companies or your local line provider or someone that may be able to tap into one of these networks. While it may be unlikely, if you have confidential information or certainly financial information, it would be worth the time investment to set this up and use it.
Computer Purchases
Just Biz – Technology Services
If you are not using our services, make Just Biz – Technology Services your IT department. We provide networking (wired or wireless), computer administration, computer sales, installation, backup support, software consulting and WEB design.
We are an authorized reseller for Dell, Microsoft, SonicWALL, NetGear, GoDaddy.com and other products and services.
Call us today for a free technology assessment!
Just Biz - Technology Services
(407) 370-6973
http://www.justbiz.biz
Just ( adj ) - Honorable and fair in one's dealings
and actions.
Putting Technology to work for your business!