Email is a tried-and-true method for digital communication. However, many people include sensitive personal or professional information in their email messages without realizing how dangerous it can be.
The concept of email was first developed in the early 1970s, and by the 1990s, it had achieved widespread adoption. In the three decades since email went mainstream, hackers have found ways to intercept messages and compromise inbox security.
Luckily, there are ways to protect your email account, with email encryption being one of the most secure options. Let’s look at why securing your email matters and how to send a secure message using encryption.
Key takeaways
- Hackers can use network vulnerabilities to intercept emails while they’re in transit.
- Encryption prevents the contents of an email from being exposed if they are intercepted.
- Many email platforms have encryption options available to add an extra layer of security to your messages.
- To send encrypted emails, the sender and the recipient usually need to use the same email platform or have access to the decryption keys.
Understanding the risks of unencrypted emails
When you send an unencrypted email, the contents of the message are sent in plain text. This means that if the email is intercepted while in transit, the person intercepting it can read every word.
Encryption uses cryptography to scramble the contents of the email as it moves from sender to recipient. Only a specific alphanumeric key can unlock the message. If a hacker intercepts the message at any point, they won’t be able to read it.
Here are some of the threats associated with sending an unencrypted email:
- Eavesdropping: Hackers often exploit network vulnerabilities like unsecured public Wi-Fi or outdated encryption protocols, such as deprecated SSL instead of TLS (Transport Layer Security), to intercept or spy on email communications while they are in transit.
- Data breaches: If a threat actor intercepts an email containing sensitive information, it could lead to a large-scale data breach.
- Social engineering: Hackers will often use the information from intercepted emails to conduct phishing or other social engineering attacks. For example, they could use professional details from your emails to launch a spear phishing attack on your organization.
- Server vulnerabilities: Many hackers will target email service providers rather than individual users, compromising thousands of accounts at once. For example, there have been recent reports of ransomware attacks on Gmail and Outlook servers.
For casual conversation, these risks may not matter much. However, if you’re sending financial information, legal documents, health data, confidential business intelligence, or any other sensitive information via email, you need to use encryption.
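One way to check the eavesdropping risk described above on a message you have already received is to read its Received headers, which record whether each server-to-server hop used TLS and, on many servers, which version. The following is an added example, not part of the original article; the sample message, hostnames and the audit_hops function are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample (not real traffic); reserved example domains and addresses.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby inbound.example.org with ESMTPS id abc123
\t(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384); Mon, 06 Jan 2025 10:00:03 +0000
Received: from relay.example.com (relay.example.com [198.51.100.7])
\t(using TLSv1 with cipher AES128-SHA (128/128 bits))
\tby mx.example.net with ESMTPS id def456; Mon, 06 Jan 2025 10:00:02 +0000
Received: from laptop.example.com (unknown [203.0.113.5])
\tby relay.example.com with ESMTP id ghi789; Mon, 06 Jan 2025 10:00:01 +0000
From: alice@example.com
To: bob@example.org
Subject: Q4 invoice

See attached.
"""

DEPRECATED = {"SSL2", "SSL3", "TLS1", "TLS1.0", "TLS1.1"}
# "by <host> [(comment)] with <protocol>"; RFC 3848 names ending in S or SA mean STARTTLS.
PROTO_RE = re.compile(r"\bby\s+\S+(?:\s+\([^)]*\))?\s+with\s+(\w+)", re.I)
# Version strings as commonly logged, e.g. "version=TLS1_3" or "using TLSv1.2".
VERSION_RE = re.compile(r"(?:version=|using\s+)((?:TLS|SSL)v?[\d._]+)", re.I)

def audit_hops(raw_message):
    """Return (protocol, tls_version, verdict) per Received header, newest hop first."""
    hops = []
    for value in message_from_string(raw_message).get_all("Received", []):
        flat = " ".join(value.split())  # undo header folding
        proto = PROTO_RE.search(flat)
        proto = proto.group(1).upper() if proto else None
        ver = VERSION_RE.search(flat)
        ver = ver.group(1).upper().replace("V", "").replace("_", ".").rstrip(".") if ver else None
        if ver in DEPRECATED:
            verdict = "deprecated"   # SSL or early TLS: treat as interceptable
        elif ver or (proto and re.search(r"SA?$", proto)):
            verdict = "tls"
        else:
            verdict = "plaintext"    # no sign of TLS on this hop
        hops.append((proto, ver, verdict))
    return hops

if __name__ == "__main__":
    for hop in audit_hops(SAMPLE):
        print(hop)
```

Each Received header is written by the server that accepted the message, so only the hops recorded by servers you trust (typically your own provider's) are reliable evidence.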
How to send encrypted emails

If you need to send an encrypted email, there are several ways to do it. Here are three options you have for keeping your messages safe.
Option 1: Use built-in encryption features
Many popular email service providers have built-in features that allow you to send encrypted messages. However, you’ll need to manually enable this extra protection, as it’s not automatically turned on.
There are two primary types of email encryption. These are:
- Secure/Multipurpose Internet Mail Extensions (S/MIME): This method uses an existing public key infrastructure to secure messages. The certificate used to verify messages comes from a large-scale certificate authority. S/MIME is the only encryption method that supports messages with multimedia content. It also includes a digital signature, which verifies the authenticity of the sender and ensures the content hasn’t been tampered with during transit.
- Pretty Good Privacy (PGP): PGP takes a decentralized approach to encryption. Instead of relying on a centralized infrastructure, users generate and verify their own security keys. PGP only supports plain text messages.
Both encryption methods obscure the content of your emails and keep them safe in transit. However, they use different security concepts and methods to achieve these goals.
Most major email providers use S/MIME encryption due to its large-scale infrastructure and multimedia capabilities. For example, Microsoft Outlook, Gmail, and Apple Mail all have S/MIME encryption options. On iOS devices, Apple Mail supports S/MIME encryption natively. This allows iPhone and iPad users to send and receive encrypted messages directly through their default Mail app.
To use this type of message encryption, you’ll need to enable it in your account settings. Workplaces can even enable S/MIME encryption for all company email accounts.
To use PGP with these email service providers, you would need to install an extra software program or plugin and configure it to work with your email account. Some people prefer to use PGP because it gives them more control over their encryption keys and security certificates. However, it is more complex to set up and only supports plain text messages.
Option 2: Use secure email providers
Another option is to use an email provider that prioritizes security and has end-to-end encryption built in, without needing to actively enable encryption in the settings. Some popular examples of secure email providers include ProtonMail and Tutanota.
In most cases, these email providers use PGP rather than S/MIME encryption. ProtonMail uses PGP encryption, while Tutanota uses its own custom encryption algorithms based on PGP concepts.
Both providers offer full-featured iOS apps that make accessing and managing encrypted messages easy from mobile devices, without sacrificing usability or performance.
The advantage of using these email providers is that they make it easy to implement encryption without much technical knowledge. However, users don’t get the convenience that comes from using a large-scale email platform.
In most cases, both the sender and the recipient need to use the same platform to get the encryption benefits. While these providers emphasize security, some users may find their functionality more limited compared to mainstream platforms like Outlook or Gmail.
Option 3: Use temporary encrypted messaging services
If you only need to send encrypted messages occasionally, you can use a web-based encryption service or an encrypted mobile app, rather than enabling encryption within the email client. These platforms have end-to-end encryption, and messages will self-destruct after a certain period to prevent them from being intercepted.
Some examples of popular encrypted messaging apps for mobile devices include Signal, Briar, and Session, just to name a few. These are good options if you need to share encrypted information quickly using a mobile device. If you’d prefer to send an encrypted message through your web browser, you can use services like SimpleX or Wire.
If you need to send sensitive data quickly, these services could be a good choice because they are easy to set up. However, they may not be suitable for ongoing communication, especially in professional settings.
Each of these options has different strengths and limitations depending on your goals. Here’s a quick comparison to help you decide which method fits your needs:
| Method | Best For | Setup Difficulty | Multimedia Support | Common Platforms |
|---|---|---|---|---|
| S/MIME | Corporate use | Medium | Yes | Gmail, Outlook, Apple |
| PGP | Personal privacy fans | Hard | No | Add-ons only |
| Secure Email Providers | Privacy-first consumers | Easy | Varies | ProtonMail, Tutanota |
| Messaging Apps | One-time secure chats | Easy | Yes | Signal, Wire, SimpleX |
Best practices for secure email communication
Whether you’re using email for work or personal communications, implement the following best practices to keep your messages safe.
Verify the recipient’s encryption capability
When sending an encrypted email, contact the recipient first to confirm that they can receive and decrypt the message. You may also need to provide instructions on how to open and respond to the message, as many people have never interacted with encrypted emails before. One researcher found that only 5.46% of email users had ever used encryption tools. To receive encrypted emails on iOS, recipients may need to enable certificates or install compatible apps to access the content securely.
For example, if you’re using S/MIME encryption through your email provider, the recipient may need to use the same email provider to receive the message. If you’re using PGP encryption, you may need to share your private key for the recipient to unlock the message.
Use strong passwords and multi-factor authentication
Even if you’re using encryption when sending sensitive messages, you still need to use other cybersecurity methods to protect your account.
Most notably, your email account should have a strong password that contains both upper and lowercase letters, numbers, and symbols, and is difficult for hackers to guess. If there’s an indication that your email servers have been compromised at any point, change your password right away to prevent further security issues.
You should also implement multi-factor authentication for an extra layer of security. One of the easiest ways to do this is by installing an authenticator app on your mobile device and linking it with your email account. The app will provide a numerical code that you’ll need to enter along with your username and password to access your inbox.
Be cautious of phishing and social engineering
Encryption obscures the content of your messages, but doesn’t necessarily protect the subject line or the sender’s address. Threat actors will often spoof their email addresses when sending phishing messages, making it look like the email came from a trusted source. Everyone should be wary of possible social engineering attacks, whether or not they use encryption.
When reading emails, keep an eye out for signs of phishing or malware, such as strange requests for money or personal information, or uncharacteristic spelling and grammar errors. If you think you’ve received a phishing message, do not respond to it, as this could compromise your accounts.
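The following added example (not part of the original article) shows what stays readable when a message body is encrypted with PGP/MIME or S/MIME: the addresses and subject line still travel in clear headers. The sample messages and the function names are constructed for illustration.

```python
from email import message_from_string

HEADERS = ("From", "To", "Cc", "Subject", "Date")

def sample(content_type, body):
    """Build a constructed test message; addresses and subject are made up."""
    return ("From: alice@example.com\nTo: bob@example.org\n"
            "Subject: Merger terms - draft 3\nMIME-Version: 1.0\n"
            f"Content-Type: {content_type}\n\n{body}\n")

# Constructed samples; the ciphertext is a placeholder, not real encrypted data.
PGP = sample('multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"',
             "--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
             "--b1\nContent-Type: application/octet-stream\n\n(placeholder ciphertext)\n--b1--")
SMIME = sample('application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"',
               "(placeholder ciphertext)")
PLAIN = sample("text/plain", "The offer is 4.2M.")

def encryption_kind(msg):
    """Classify by MIME structure: PGP/MIME (RFC 3156), S/MIME, inline PGP, or None."""
    ctype = msg.get_content_type()
    protocol = str(msg.get_param("protocol", "")).lower()
    smime_type = str(msg.get_param("smime-type", "")).lower()
    if ctype == "multipart/encrypted" and protocol == "application/pgp-encrypted":
        return "PGP/MIME"
    # signed-data stays readable; only (auth)enveloped-data hides the body.
    if ctype.endswith("pkcs7-mime") and smime_type in ("enveloped-data", "authenveloped-data"):
        return "S/MIME"
    if not msg.is_multipart() and "-----BEGIN PGP MESSAGE-----" in msg.get_payload():
        return "inline PGP"
    return None

def interceptor_view(raw_message):
    """Report what someone holding the raw message can read without any key."""
    msg = message_from_string(raw_message)
    kind = encryption_kind(msg)
    return {
        "encryption": kind,
        "body_readable": kind is None,
        "readable_headers": {h: msg[h] for h in HEADERS if msg[h] is not None},
    }

if __name__ == "__main__":
    for name, raw in (("PGP/MIME", PGP), ("S/MIME", SMIME), ("plain", PLAIN)):
        print(name, interceptor_view(raw))
```

Messages that omit the smime-type parameter are not classified by this sketch, so treat a result of None as "no encryption detected" rather than proof the body is readable.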
Keep software and security certificates updated
Hackers often exploit vulnerabilities in outdated software programs or security certificates. Make regular software updates a part of your routine to keep your accounts secure.
Consider the sensitivity of the information
Email encryption isn’t always convenient, especially if the intended recipient does not use the same email platform as you. When deciding whether or not to encrypt your emails, consider the contents of the message and how sensitive they are.
For example, information like Social Security numbers, credit card details, legal documents, or protected health information should always be encrypted. For other business data, consider the potential consequences of someone intercepting the message. If you’re discussing information that’s already common knowledge or is readily available on the internet, it likely doesn’t need to be encrypted.
Choosing the right encryption method for your needs
There are many ways to encrypt an email message, so you’ll need to choose the one that makes the most sense for your unique needs.
If your organization frequently sends secure information via email, you might consider setting up S/MIME encryption for all staff email accounts. If you want more control over your encryption keys and who you share them with, you might opt to manually implement PGP encryption instead.
If you’re encrypting one-off messages, you might also consider using more accessible apps or web-based tools. These tools provide an easy way to encrypt your messages without much setup, but may not provide the features you need for ongoing communication.
Secure your email communications with Diamond IT
If you’re sending sensitive information in your emails, take control of your email security. Use an encryption method to protect your messages from prying eyes while they’re in transit. Using encryption for sensitive messages can help prevent data breaches, identity theft, and other security issues later on.
