Loading
BAYOOSOFT
  • Management Solutions
    • IT-Security
      • Access Manager
      • gpg4o
    • MedTech
      • BAYOOSOFT Themis
      • Risk Manager
      • MEDiLEX
    • Telesolutions
      • HospiX
  • About us
    • BAYOOSOFT
      • Software Made in Germany
      • The Co-thinker Team
      • Contact Us
    • News & Events
      • News
      • Events
      • Success Storys
    • BAYOONET Group
      • BAYOOTEC
      • BAYOOMED
  • Jobs & Career
  • Shop
  • Search
  • Menu

Email encryption – Which method is the most secure?

26 emails a day are 130 a week and more than 6000 a year: According to a survey by the digital association Bitkom, this is the average amount of electronic messages received in every professional mailbox – and the trend is rising. In addition to short, quick agreements between colleagues, they often contain sensitive personnel, project and financial data that we exchange with other people or companies every day.
Emails are a convenient way of communicating, but in a very simplified term they are nothing more than virtual postcards that can be intercepted, read and even manipulated by third parties on their way without sufficient security measures. This means: Only those who encrypt their emails and attachments can protect them from unauthorised access by others.

Different encryptions, different advantages

Even if the aspect of security concerns private users, it plays a major role especially in companies. Therefore, the Federal Data Protection Act recommends encrypting emails containing personal data. In the professional environment, one of the following two methods is usually used: gateway-/server- or classic, client-based end-to-end encryption.

With gateway-/server-based encryption methods, the email is available in plain text within the company and is only encrypted at a central location when it is sent. They do not require any client-side set-up and require less administrative effort from employees – a common disadvantage is the lower security standard.

Messages in client-based end-to-end encryption methods are encrypted directly in the email client and guarantee end-to-end encryption from one end (sender) to the other (recipient). The decisive advantage of end-to-end encryption is the maximum level of security, the sent messages are encrypted at all times on the way between the communication partners, even the email provider has no access to the content and even within the company data is not available in plain text.
The disadvantage of client-based end-to-end encryption is the high effort involved and the associated application errors and lower acceptance by employees. However, there are solutions to simplify the use of encryption.

Client-based/end-to-end encryption

Die Grafik zeigt, dass bei Clientbasierten/Ende-zu-Ende Verschlüsselungen E-Mails bei allen Zwischenstationen von Absender:innen zu Empfänger:innen geschützt sind.

Gateway/server-based encryption

Die Grafik zeigt, dass bei Server-/Gatewaybasierten Verschlüsselungen E-Mails nur von einem Gateway zum anderen Gateway geschützt sind.

Easily implement secure email communication

Client-based end-to-end encryption can be divided into three methods: Symmetric, asymmetric and hybrid, a combination of the two.

Symmetric encryption works by using the same key for both, sender and receiver. What seems like a simple solution has immense disadvantages for security. The keys must be transmitted electronically between both parties and can be read in the process.

In asymmetric end-to-end encryption, both parties use a key pair consisting of a private key (similar to a secret password) and a public key (similar to a username that can be shared). The public key is exchanged between the communication partners. Once person A has received the public key from person B, they can use it to write an encrypted email. Person B uses his private key to decrypt it – this way, even with sensitive data, it can be ensured that only the person for whom the email is intended can read it.

That sounds like a complex issue? No problem: As a company, you can specify in the Outlook add-in gpg4o® that these keys are simply and securely provided, managed and distributed by a central key server through automated synchronisation. Employees can also be provided with pre-tested key material and do not have to take care of key management themselves. This significantly minimises the effort of client-based end-to-end encryption and makes it one of the most secure methods for encrypting emails.

Good to know

gpg4o® is also a secure solution for private users: As a freeware version, gpg4o® Free is available to all private Outlook users as a free variant of the proven end-to-end encryption. Click here for more information.

More information

More information, everything about functions & version updates for the Outlook add-in gpg4o® can be found here.

Sounds interesting? Share our post.
  • Share on Facebook
  • Share on WhatsApp
  • Share on LinkedIn
  • Share by Mail

Latest News

  • Test automation in medical software development25. May 2023 - 16:32
  • IEC-80001-1-Risikomanagement.pngAre you sure that your CRITIS is secure?25. May 2023 - 15:32
  • BAYOOSOFT Themis - Technische Dokumentation neu gedachtNow available: Themis Documentation Guide4. April 2023 - 18:29
Contacts at BAYOOSOFT 

Svenja Winkler
CEO
[email protected]

 

 

Franziska Weiß
Head of Sales
[email protected]

Darmstadt
Lise-Meitner-Straße 10
64293 Darmstadt

Munich
Aidenbachstraße 54
81379 München

Berlin 
Mariendorfer Damm 1-3
12099 Berlin

Product Specific Inquiries: via Contact Form
Contact: [email protected]
Jobs: [email protected]
Press: [email protected]

Phone: +49 (0) 6151 – 86 18 – 0
Fax: +49 (0) 6151 – 86 18 – 150

Contact support
  • Privacy Policy
  • Legal
BAYOOSOFT Risk Manager is DigiLab certified Stempel Digilab zertifiziert Ein:e Ärtz:in sitzt vor einem Tablet und hat ein Stethoskop um den Hals Clinical evaluation according to MDR
Scroll to top