Everyone who uses e-mail sometimes thinks about how well the transmitted information is protected from prying eyes. Indeed, a message to be transferred travels a long way between different computers and mobile devices before it reaches a recipient. Besides, each device in the chain can run malware that stores transmitted messages. Further, the intentions of the device’s owners are unknown, and the recipient may not use the received information in a way that it was meant to be used .
Directors of information services face an urgent problem: employee use of their own mobile devices for work purposes – a phenomenon called BYOD (bring your own device). If such a device is lost or stolen, it can seriously injure the reputation of the company and its partners.
E-mail security systems that can be used on ordinary computers and mobile devices are designed to solve the aforementioned problems.
E-mail Protection Methods
E-mail protection is mainly aimed at:
- Protecting e-mails from interception, unauthorized reading, and counterfeiting on their way to a mail recipient.
- Protecting e-mails from further distribution by a malicious mail recipient.
Protecting E-mails from Interception
Classical cryptographic techniques are used to achieve this goal. Encryption technologies are applied to secure messages from interception, and digital signature technologies provide protection against counterfeiting.
A mail client plug-in that provides automatic encryption and digital signing is typically used to implement protection. If a web-interface is used to access a mailbox, encryption and digital signing is provided by a mail server or a script on the user side, which is more reliable. A dedicated website may be used to provide an initial key exchange.
Because cryptographic technologies are well developed, the level of protection against interception or counterfeiting can potentially be very high and sufficient enough to solve almost any problem. However, there may be the following vulnerabilities:
- Using knowingly weak cryptographic algorithms. This limitation may be imposed by law to make it possible for government intelligence agencies to crack a cryptographic algorithm when necessary.
- Mistakes in implementation of cryptographic algorithms and protocols.
- Embeddings in cryptographic algorithms implemented by a malicious developer of an e-mail security system that enable compromises of encrypted protection.
- Malware that enables the interception of a decrypted message or keys installed directly on a sender's or receiver's computer/mobile device.
It is obvious that these vulnerabilities are of an external nature or executed through implementation, and they can potentially be debugged.
Protecting E-mails from Distribution by a Malicious Recipient
The following condition should be fulfilled to achieve the goal of protecting messages from distribution by a recipient with malicious intent: "A mail recipient can read a message but can do nothing else with it". A proprietary message viewer (special viewer, special browser, etc.) can be deployed to achieve this objective.
This approach makes it impossible to use external standard features to display content of e-mail messages and, as a result, causes problems with the support of a large number of hardware and software platforms, in addition to many document formats sent by e-mail.
The ideal level of protection cannot be achieved, unlike the previous example; a recipient can always create a screen shot of the information shown on a computer monitor or device and generate a document of the photos. However, although complete security of information is not achieved, systems used to combat undesired e-mail distribution cope with the task of limiting information leakage well enough. Effective information leakage control depends on the resistance of a protection system to automatic methods of reading the content of a message, such as:
- Cracking a secure message viewer to take an unprotected document from it automatically.
- Making screenshots of a document and automatically regenerating the document based on these images.
Comparing Email Security Systems
The following table includes some of the existing e-mail security systems and their main features. All systems protect messages from interception by means of encryption, and some of these systems provide protection against unauthorized distribution.
As a rule, the protection of messages from unauthorized distribution is inversely related to the support of mobile devices. The reason is that client applications must be developed for protection from unauthorized distribution, and it is difficult to create them for the vast array of mobile platforms.
Product (in alphabetical order) | Suitable for Mobile Devices? | Protection from Unauthorized Distribution | Description |
CopySafeMail | No | Available | A user works with e-mail via a web-interface. A special web browser with additional security features (screen shot saving warfare, optional disabling of copy & paste feature, printing, etc.). Presently only a browser for Windows is available. One may send messages or check for new ones using a common browser. The system also enables users to notify that a message has been read, delete a message after reading, link a secure browser to a certain computer, and set an expiration date for a message. |
EgressSwitch | Suitable for iOS, BlackBerry, Android support is planned | Partial | Encrypted email service. It enables automatic setting of limitations depending on the content of the message. |
Email Encryption | Yes (operates via Web) | None | Features are similar to those of SecuredE-mail. |
Evizone | No | Available | The system is similar to CopySafeMail. Messages are sent and read via a special client application. Windows and Mac OS X are supported. |
JumbleMe | Yes (operates via Web) | Partial | The service enables encrypting a part of a message by embedding special tags in the message body. Encryption is done automatically on the server. The web site of the system or an Outlook plug-in is used to decrypt an encrypted fragment. A limited number of previews, lifetime, disabled printing, and disabled forwarding may be set for a message. |
PDFPostman | Yes (operates via programs for PDF and ZIP) | None | A set of plug-ins for Outlook that enable converting a message to a PDF file or ZIP archive with a password before sending. Then a file is sent as an attachment, and may be unpacked using any PDF viewer or ZIP archive program. Embedded features of PDF and ZIP are applied for encryption. |
SecuredE-mail | Yes (operates via Web) | None | A system that exchanges secured messages. It consists of a plug-in for an e-mail client or a specialized viewer. When a message is sent, it is encrypted and transmitted as an attachment for an ordinary message with instructions on how to read it. If a receiver has the plug-in, a secured message is transparently decrypted. |
S-Mail | Partially (requires Java support) | None | A system that enables exchange of encrypted e-mail messages. Messages are encrypted and decrypted directly in a browser by means of the Java applet. Standard e-mail clients may also be used (at that encryption is done by a local proxy server). |
StarForce E-mail | No (currently in development for Android) | Available | A system that protects e-mail from unauthorized distribution and uses a special viewer for secure messages. After opening, a message is linked to a computer on which it was opened and cannot be read on another device. There are features to collect and analyze information on secure message usage (first opening). |
In Closing
Effective application of an e-mail protection system requires a clear understanding of the type of threats your messages face, the reasons these threats exist, and how reliable your e-mail protection must be. If one has such an understanding, then selecting a system from the available offerings becomes a far easier task to achieve.
Alexander Zatsepin is the chief technology officer at Protection Technology Research