Kfir

What exactly are you trying to achieve by encrypting email - are you trying
to encrypt business communications between employees and vendors/customers
to protect from eavesdroppers or do you want to encrypt the message
repository and protect it from attackers?

Before you start applying encryption as a panacea do a little threat
analysis first.  Ask yourself - what assets are you trying to protect, what
are the threats and what are your vulnerabilities.

My experience with extrusion prevention with a fair number of customers has
shown the following:

a. It's better to use outgoing email in clear text because 1) you can
monitor what people are doing and 2) having a business partner
decrypt/encrypt is generally a pain in the ass that is greater than the
value of the business transaction.


b. If you have high-value business communications between your company and
vendors - you are better off just encrypting the file (for example a
sensitive contract or product design doc) and sending the encrypted
attachment. This will enable you to monitor who is sending and who is
receiving and with the right monitoring system - you will be able to detect
that an encrypted file was sent, which is interesting information in its own
right.

Read my blog entry on this topic
http://www.software.co.il/blog/2007/06/secure_communications_without_1.html

Best regards
Danny


On 8/10/07, Kfir Lavi <[EMAIL PROTECTED]> wrote:
>
> Danny,
> Google apps is exactly what I'm trying to avoid :-)
> What did you mean by "You don't want to get involved in encrypted mail on
> your lonesome."?
>
> On 8/10/07, Danny Lieberman <[EMAIL PROTECTED]> wrote:
> >
> > Kfir
> >
> > The best bet for you is Google Applications - surf to www.google.com/a
> >
> > You don't want to get involved in encrypted mail on your lonesome.
> >
> > danny
> >
> > On 8/9/07, Kfir Lavi <[EMAIL PROTECTED]> wrote:
> > >
> > > Hi,
> > > I would like to keep company emails secure and encrypted.
> > > I'm looking for a webmail program that is similar to Gmail. It doesn't
> > > have to own all the stuff, just to be productive.
> > > I would also want encryption. I want all the emails to be encrypted
> > > automatically.
> > > What is the procedure for a user? Should he take with him a USB
> > > private key?
> > > I'm looking for your comments on the idea.
> > >
> > > Tnx,
> > > Kfir
> > >
> >
> >
> >
> > --
> > Danny Lieberman
> > Reduce risk with practical threat analysis- visit us at
> > www.ptatechnologies.com
> > "All things being equal, the simplest solution tends to be the best
> > one."             Occam's razor
> >
> > --------------------------------------------------------------------------------------------
> > www.software.co.il/blog   - Israeli software, music and mountain biking
> > www.software.co.il/pta     - Download a free copy of the PTA-Practical
> > threat analysis tool
> >
> > --------------------------------------------------------------------------------------------
> > Tel Aviv   + 972  3 610-9750
> > US         + 1-301-841-7122
> > Cell         + 972 54 447-1114
>
>
>


-- 
Danny Lieberman
Reduce risk with practical threat analysis- visit us at
www.ptatechnologies.com
"All things being equal, the simplest solution tends to be the best
one."             Occam's razor
--------------------------------------------------------------------------------------------
www.software.co.il/blog  - Israeli software, music and mountain biking
www.software.co.il/pta     - Download a free copy of the PTA-Practical
threat analysis tool
--------------------------------------------------------------------------------------------
Tel Aviv   + 972  3 610-9750
US         + 1-301-841-7122
Cell         + 972 54 447-1114
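
The monitoring idea in point (b) above, detecting that an encrypted file was sent inside otherwise clear-text outgoing mail, sketched as an added example (not part of the original thread, nor code from any product mentioned in it). The addresses, file names and sample message are constructed, and the entropy threshold is an assumed heuristic.

```python
import math
import os
import struct
from collections import Counter
from email import message_from_bytes
from email.message import EmailMessage


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 is the maximum)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0


def encrypted_reason(data: bytes):
    """Return why an attachment looks encrypted, or None."""
    if b"-----BEGIN PGP MESSAGE-----" in data[:4096]:
        return "pgp-armor"
    # ZIP local file header: bit 0 of the general-purpose flag (offset 6) marks an encrypted entry
    if data[:4] == b"PK\x03\x04" and len(data) >= 8 and struct.unpack_from("<H", data, 6)[0] & 1:
        return "zip-encrypted"
    # Heuristic only: compressed data also scores high, so treat this as a lead, not proof
    if len(data) >= 1024 and entropy(data) > 7.5:
        return "high-entropy"
    return None


def scan_outgoing(raw: bytes):
    """Return (sender, recipient, filename, reason) for each suspicious attachment."""
    msg, hits = message_from_bytes(raw), []
    for part in msg.walk():
        name = part.get_filename()
        if name:
            reason = encrypted_reason(part.get_payload(decode=True) or b"")
            if reason:
                hits.append((msg["From"], msg["To"], name, reason))
    return hits


def sample_message() -> bytes:
    """Constructed sample: plain, PGP-armored, encrypted-ZIP and opaque attachments."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "alice@example.com", "vendor@example.net", "contract"
    m.set_content("See attached.")
    zip_hdr = struct.pack("<4sHHHHHIIIHH", b"PK\x03\x04", 20, 1, 0, 0, 0, 0, 0, 0, 5, 0) + b"a.txt"
    armor = b"-----BEGIN PGP MESSAGE-----\n\nconstructed-placeholder\n-----END PGP MESSAGE-----\n"
    for fname, body in [("notes.txt", b"plain text " * 200), ("design.asc", armor),
                        ("contract.zip", zip_hdr + b"\x00" * 32), ("blob.bin", os.urandom(4096))]:
        m.add_attachment(body, maintype="application", subtype="octet-stream", filename=fname)
    return m.as_bytes()
```

Because the envelope stays in clear text, each hit still carries who sent what to whom, which is the record the monitoring argument relies on.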
