Secure Email
Overview
If you haven't already, you will soon receive an email that appears to be from someone you know. However, if you
were to look closer, you would see that it did not come from that person at all. You may also soon receive an email
that appears to be from yourself, but it will actually contain some type of spam message.
It is incredibly easy to "spoof" the sender of an email. Unless you go through the effort of reading the full
headers of every message you receive, you might not actually know where the message came from.
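What reading the headers looks like in practice, as an added example that is not part of the original page: the Python sketch below compares the visible From address with the Return-Path, Reply-To and To headers of a message. The sample messages, domains and the function names `domain` and `spoof_indicators` are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample: From shows a colleague, but the envelope sender
# (Return-Path) and Reply-To point at unrelated domains.
SPOOFED = """\
Return-Path: <bounce@bulk-sender.example>
From: "Alice Smith" <alice@corp.example>
Reply-To: alice.smith@freemail.example
To: bob@corp.example
Subject: Quick favour

Please reply today.
"""

# Constructed sample: spam that appears to come from the recipient.
SELF_ADDRESSED = """\
Return-Path: <bounce@bulk-sender.example>
From: bob@corp.example
To: bob@corp.example
Subject: Special offer

Click here.
"""

def domain(header_value):
    """Lower-cased domain of the address in a header value, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoof_indicators(raw):
    """Return header inconsistencies that justify a closer look."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    from_dom = domain(msg.get("From"))
    findings = []
    for name in ("Return-Path", "Reply-To"):
        other = domain(msg.get(name))
        if other and other != from_dom:
            findings.append(f"{name} domain {other} differs from From domain {from_dom}")
    recipients = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}
    if from_addr and from_addr in recipients:
        findings.append("From address is also the recipient")
    return findings

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("self-addressed", SELF_ADDRESSED)):
        print(label, spoof_indicators(raw))
```

All of these headers are written by the sending side, so a mismatch is only an indicator and a consistent set proves nothing; legitimate bulk-mail services also produce Return-Path mismatches. A digital signature, described next, is what lets the receiver confirm authenticity.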
Using Smart Cards and USB Tokens to Store Digital Certificates
By storing a digital certificate on a SafeNet smart card or iKey, employees can apply a "digital signature"
to each outgoing message. This allows the receiver of an email to confirm the authenticity of a message.
You could store a digital certificate on a PC, but there are two drawbacks to this:
- The certificate is not portable so the employee would always need to use the machine on which the
certificate is stored.
- It is not as secure as storing the certificate on an iKey because it is easy to access other people's
PCs when they step away from their desks.
Secure Email - Digitally Signing Email with Smart Cards or iKeys
Using Microsoft Outlook as an example, when creating an email, the employee would simply click the "Options"
button above the new message and select the "Sign Email" check box. The employee will then need to insert their
smart card or iKey (if it is not already inserted) and enter their PIN. Outlook will handle the rest.
Secure Email - Encrypting Email with Smart Cards or iKeys
Background:
Most emails sent between unrelated email systems use the Internet as the common method of transport. Messages
are sent in what is commonly referred to as "clear text," meaning that a person with readily available equipment
situated at the right point of the transportation channel could read the messages being sent without too much
difficulty. Most of us would not care if the email containing today's lunch menu were read by someone we did not
know, but if the email message contained a company's yet-to-be-finalized quarterly earnings, the effect could
be disastrous.
Encrypting email messages and attachments is the most effective way to protect the privacy of the information.
This task can be accomplished in a number of ways.
Each of the solution providers listed (Entrust, PointSec, SafeBoot, and WinMagic) has developed
an email encryption solution using SafeNet smart cards or iKeys. Their solutions differ based on the encryption
algorithms used, smart card or iKey model supported, security certifications received, other features included
(besides encryption), and, of course, price. However, little difference exists in using their systems, as each
allows you to selectively encrypt messages. To encrypt a message, simply select the encryption option, insert your
iKey or smart card, enter your PIN, and the message will be sent securely.
First rule of email encryption: You cannot send an encrypted message to someone with whom you have not established
an encryption/decryption relationship.
Some of the solution providers listed require an iKey/smart card at both the sending and the receiving end. Some will
allow an iKey/smart card to encrypt a message and will allow a password provided over the phone to decrypt the message.
A Scenario for Email Encryption
A large law firm is concerned about the security of sensitive information that is being emailed between themselves and
their customers. Each of the partners in the firm is given an iKey for his/her own personal use. All partners go through
the simple driver installation process and the online tutorial. Each partner is also given a number of iKeys to be
distributed to their respective clients.
In a meeting with a client, a partner gives the iKey to the client and says, "Due to the sensitivity of the information
we will be sharing through email, from this point forward, you and I will only correspond with each other using encryption
technology. Take this iKey and, with your computer online, insert the device into the USB port of your computer. Follow
the quick and easy installation instructions and tutorial." At this point, the partner at the firm and the client have
iKeys on their key chains and are utilizing the technology as part of their normal business.