Overview

If you haven't already, you will soon receive an email from someone you know that, if you were to look closer, you would see that it did not come from them at all. And, if you haven't already, you will soon receive an email that will appear to be from yourself that will contain some type of spam message.

It is incredibly easy to "spoof" email systems. Unless you go through the effort of reading the header file of every message you receive, you might not actually know where the message came from.

Using iKey to Store Digital Certificates
By storing a digital certificate on an iKey, employees can apply a "Digital Signature" to each outgoing message. This would allow the receiver of an email the ability to confirm the authenticity of a message.

You could store a certificate on a PC but there are two drawbacks to this:

• The certificate is not portable, so the employee would always need to use the machine on which the certificate is stored.
• It is not as secure as storing the certificate on an iKey because it is easy to access other peoples' PCs, especially when they go to for lunch or even coffee.

eMail Authentication - How would it work with iKey
Take Microsoft Outlook as an example. When creating an email, the employee would simply click the "options" button above the new message and select the "sign email" check box. The employee will need to insert his/her iKey (if it's not already inserted) and enter a password. Outlook will take care of the rest.

Email Encryption - How would it work with the iKey

First a little background:
Most emails sent between unrelated email systems use the Internet as the common transport. Messages are sent in what is commonly referred to as "clear text," meaning that a person with readily available equipment situated at the right point of the transportation channel could read the messages being sent without too much difficulty. Most of us would not care if the email containing today's lunch menu were read by someone we didn't know but if the email message containing a company's yet to be finalized quarterly results were to be intercepted and read, the effects could be disastrous.

Encrypting email messages and attachments is the most effective way to protect the privacy of the information. This task can be accomplished in a number of ways.

Each of the Solution Providers listed has developed an email encryption solution using the SafeNet iKey. Their solutions differ based on the encryption algorithms used, iKey model supported, security certifications received, other features included (besides encryption) and of course price. However, little difference exists in using their systems, as each of the systems allow you to selectively encrypt messages. To encrypt a message, you simply select the encryption option, insert your iKey, enter your PIN and the message is then sent secured.

First rule of email encryption: You cannot send an encrypted message to someone with whom you have not established an encryption/decryption relationship.

Some of the solution providers listed require an iKey at both the sending and the receiving end. Some will allow an iKey to encrypt a message and will allow a password provided over the phone to decrypt the message.

A Scenario for Email Encryption
A large law firm or accounting firm is concerned about the security of sensitive information that is being emailed between themselves and their customers. Each of the partners in the firm is given an iKey for his/her own personal use. All partners go through the simple driver installation process and the on-line tutorial. All partners are also given a number of iKeys to be distributed to their respective clients.

In a meeting with a client, a partner gives the iKey to the client and says, "Due to the sensitivity of the information we will be sharing over email, from this point forward, you and I will only correspond with each other using encryption technology. Take this iKey and, with your computer on-line, insert this device in the USB port of your computer. Follow the simple instructions and the simple tutorial." At this point, the partner of the firm and the client have iKeys on their key chains and are utilizing the technology as part of their normal business.