For many whose workforce consists of flex-time workers, freelancers or contract employees, correspondence may run through a user’s personal Gmail account. In fact, smaller organizations may even use Gmail as their company email system, making encryption critical – even if it is not often considered.
Encryption may sound too complex or sophisticated for small business owners, a subject best left to IT professionals and suspicious minds. However, as hackers and cyber criminals increasingly turn their focus to small to mid-sized business, encryption is becoming essential for everyone to grapple with. In fact, hackers have found small business email so easy to infiltrate that it is one of the most vulnerable areas in a business. Even for individuals outside of a business, more stringent security is essential. If your organization is using Gmail — whether for business or personal use – it is incumbent upon you to educate yourself as to what the service offers by way of security and privacy, and what it does not.
<
How Gmail Protects Messages
Google utilizes TLS, or Transport Layer Security, to encrypt gmail messages. Most major mail providers use TLS compatible protocols. As long as both the sender and the receiver of the email are protected by TLS, it is very difficult for a message to be intercepted or violated enroute. However, TLS cannot guarantee that the email will stay private to the intended recipient once it reaches the destination mail server. For one thing, Google itself has the ability to electronically view messages. While this may be a shock to you, it is how Gmail can prevent spam and phishing attacks from reaching your inbox. associated with your account, which is what allows the company to scan your email for potential spam.
However, if the party you are communicating with does not utilize a mail service compatible with TLS, the emails are not encrypted at all. While administrators can adjust settings to keep non-TLS messages from entering your email system, this may result in important messages never reaching their destination.
Therefore, in addition to the basic form of encryption afforded by TLS, Gmail supports a more sophisticated standard known as S/MIME — or Secure/Multipurpose Internet Mail Extensions. For those with enterprise-level Workspace setups, S/MIME permits emails to be encrypted with user-specific keys which can only be decrypted only by the intended recipient once the communication is delivered. This protection is available only through paid Google Workspace Suite accounts, not traditional “free” Gmail accounts. S/MIME must be enabled by a Workspace admin before it can be of use.
As in the case of TLS, S/MIME works only if both the sender and recipient are using a platform that supports it, as well as exchanged keys in advance for proper configuration. Within Gmail, however, Google will still have the ability to scan messages.
End-to-End Encryption
Google has flirted with the idea of total end-to-end encryption since 2014, but have not yet succeeded in providing it – and according to may insiders, may never get there. To achieve that level of protection in a Gmail account, users will have to add a third party product, such as Chrome extension FlowCrypt.
If your organization is in need of more secure email and you aren’t sure how to provide it, call Alliance IT today. Our IT professionals have the expertise to support your organization from consulting to cloud services. no matter which aspect of managed IT services applies to your organization, we are the call to make in the Sarasota area.