
SendItSecure™ E-mail Encryption

Highly Secure E-mail: Exchanging Confidential Information through E-mail

» Why ordinary e-mail is not secure
» Using biometrics to achieve e-mail security

Contents

Introduction
Government Mandates to Protect Data
Why E-mail is Not Secure
Perimeter-Based E-mail Encryption
End-to-End E-mail Encryption
A Case for Biometrics
Using SendItSecure for E-mail Encryption
Using SendItSecure to Communicate with Non-Subscribers
Using SendItSecure to Securely Transmit Large Files
Conclusion

Introduction

There is no doubt that e-mail has become a priceless and universal tool for
businesses and individuals. You can instantly send a message to any number of
people at virtually no cost. You have a permanent record of electronic
correspondence. These benefits have quickly made e-mail an effective tool for
people to communicate.

Unfortunately, e-mail is not secure. Yet, sensitive and confidential information
is frequently transmitted in an unsecure state, making e-mail messages
vulnerable to being read by unauthorized persons.

If we cannot use e-mail to exchange the confidential information we work with
every day, what are we to do?

Copyright 2008 SafeLive Corporation



The solution is secure e-mail. A secure e-mail system provides two important
things: 1) The messages you send through e-mail are encrypted, and 2) the
identities of users who send and receive messages are authenticated, or
verified. Secure e-mail also ensures that the contents of your messages are
genuine and have not been modified in transit. Since the users are
authenticated, someone cannot forge an e-mail message by pretending to be
someone he or she is not. Finally, secure e-mail makes sure that only the
people you send a message to can open that message.

Many people believe that secure e-mail is complex and expensive. While the
amount of information available regarding secure e-mail can be daunting, it
can be quite simple and very cost-effective to implement. This whitepaper will
describe the various ways to protect e-mail messages and how to simplify and
improve the process.

Government Mandates to Protect Data

Organizations such as health care providers, financial institutions, and publicly
traded companies are required by HIPAA, GLBA, Sarbanes-Oxley, and other
regulations to protect their data. Organizations failing to comply with these
mandates can be fined or otherwise penalized. Not only that, if a data breach
does occur, these organizations may be required to notify their customers or
clients that their private information has been compromised.

Table 1 – Various Privacy Regulations

HIPAA (Health Insurance Portability and Accountability Act) requires health
care providers to protect private health information.

GLBA (Gramm-Leach-Bliley Act) mandates that financial institutions protect
their customers’ private information.

SOX (Sarbanes-Oxley) forces publicly traded companies to protect financial
information and prevent alterations to financial statements.

According to the Privacy Rights Clearinghouse, more than 200 million records
containing sensitive information have been involved in security breaches since
2005 [1]. These security breaches are embarrassing to the organizations
involved and cause an unnecessary financial liability.

Why E-mail is Not Secure

Sending an ordinary e-mail message is much like sending a postcard. Just as
any carrier delivering a postcard can see what was written, any person on one
of the networks carrying an e-mail can see its contents. No one would put
private data such as a social security number, bank account information, or
medical records on a postcard. Similarly, no one should put confidential
information in an unsecured e-mail.

This is because ordinary e-mails are sent “clear-text,” meaning that the
contents are transmitted over the Internet without being hidden or scrambled,
or encrypted, in any way. Think of being in a room with several conversations
happening at the same time. It is easy for someone to listen in on a
conversation if everyone is talking in plain English.

Another downfall of ordinary e-mail is the lack of user authentication.
Authentication simply means proving who one is. A computer user could easily
pretend to be someone else―one of your partners, for example―and send you
an e-mail. If it is a standard e-mail message, you have no way of knowing if
the message is authentic, forged, or altered, no matter how official-looking it
may be.

This also leads to the fact that anyone gaining access to your computer or
e-mail inbox can read your messages. Again, the inability of users to prove who
they are makes ordinary e-mail unsecure and less useful, potentially putting
sensitive information at risk.

[1] http://www.privacyrights.org/ar/ChronDataBreaches.htm, Accessed March 6, 2008


Still, as many as 55% of employees report using an unsecure medium to
transmit proprietary information [2]. This is simply unacceptable.

Perimeter-Based E-mail Encryption

To protect the confidential information in e-mail, some solutions encrypt
messages as they leave the organization’s network and decrypt messages as
they come in. This is achieved by placing a server (software or hardware)
between the organization’s internal network and the external Internet. E-mail
sent within the organization stays unencrypted while e-mail sent to outside
partners or clients is encrypted based on some predetermined policies.

Although these systems can be set up and deployed with relative ease, they
still lack high security. Users are not authenticated individually, thus
unauthorized users could gain access to the confidential information in your
inbox and sent messages folders. Also, the messages do not remain encrypted
all the way from the sender’s desktop to the receiver’s, leaving them
vulnerable to interception or network eavesdropping.

End-to-End E-mail Encryption

Additional security can be provided by keeping e-mail messages encrypted
during their entire traversal through the Internet. By using end-to-end
encryption, users are authenticated individually, so you know for sure (to a
point) who sent the e-mail in question and who can read the e-mails you send.
However, many end-to-end e-mail encryption solutions do not use strong
authentication and instead use digital certificates or passphrases.

[2] http://www.microsoft.com/presspass/press/2007/oct07/10-25SecureCollaborationPR.mspx,
Accessed March 6, 2008


A digital certificate is basically a file on a computer that contains basic
personal information and an encryption key. By using a digital certificate,
e-mail messages are encrypted using a different key for each user. Each person
with whom you correspond has a different certificate, making them difficult to
manage.

Other systems use passphrases to authenticate users. These passphrases can
be used in one of two ways. The first is to simply let the user prove who they
are by providing the correct passphrase when needed. Another method is to
use the passphrase as the encryption key. The sender encrypts the message
with a word or phrase, and the receiver must provide the same word or phrase
to decrypt the message. The sender must communicate this “shared secret”
with the receiver through some other mechanism, such as a telephone call.

To make passphrases and passwords more secure and harder to guess,
organizations often require them to meet certain complexity criteria. Since
these passphrases are hard to remember, a user may write them on a piece of
paper taped to the side of his or her monitor, making this form of
authentication and encryption ineffective.

The strength of end-to-end e-mail encryption systems depends largely on the
strength of authentication used. Neither digital certificates nor passphrases
provide strong authentication and should not be used as the sole means of
securing confidential information.

A Case for Biometrics

There are three basic classes, or factors, of user authentication: something you
have, something you know, and something you are. The secure e-mail systems
mentioned above use only the two lowest factors of security: something you
have (usually a digital certificate) and something you know (such as a
passphrase). While these systems are useful in some situations, using
something you are (like your unique fingerprint) can greatly increase the
security of your messaging solution.

The third and most secure factor for authentication (something you are) is
biometrics. The word “biometrics” literally means “the measurement of life.”
When applied to identifying or authenticating a person, biometrics means
measuring some physical or biological attribute that is unique to each human
being.

While some biometric techniques―such as DNA analysis or retina scans―can be
costly and impractical, other methods―such as fingerprint verification―are
easy to use, cost-effective, and very secure. Fingerprint biometrics provides
the best cost-to-accuracy benefit ratio. Your fingerprint is completely unique.
It cannot be stolen by another individual, cannot be forgotten, and cannot be
changed. This unique attribute can be used to absolutely identify you from
anyone else in the world. To identify a user using fingerprint biometrics, he or
she only needs to scan his or her fingerprint on an electronic fingerprint reader
which takes only a short moment.

Fingerprint biometrics is also very reliable. Modern fingerprint comparison
algorithms have extremely low false-accept and false-reject rates. A low
false-accept rate means that the system is very unlikely to accept a
fingerprint as a match when it should not have. On the other side, a low
false-reject rate means that the system is unlikely to reject a match when it
should have accepted it, making it more user-friendly.

In addition to the high performance of modern fingerprint technologies,
electronic fingerprint scanners are also very affordable. A high-quality
fingerprint reader can be acquired for less than the price of a digital webcam.


Using SendItSecure for E-mail Encryption

The SafeLive SendItSecure system is an end-to-end e-mail encryption system
that uses fingerprint biometrics to authenticate its users. A message stays
encrypted from the time it leaves the sender’s desktop until the recipient
opens it. The identity of each user is verified using fingerprint biometrics
before being allowed to send or open any message, giving the system a very
high degree of security.

The core of the SendItSecure system is the central authentication server. This
secure web server is responsible for positively identifying each user by his or
her fingerprint before any e-mail transaction can take place. It also manages
the encryption keys for each message.

Figure 1 - Overview of SendItSecure Architecture

When a user wishes to send a secure message, he or she simply composes the
message using Microsoft Outlook or the SendItSecure stand-alone client with a
familiar-looking interface. When the ‘Send’ button is clicked, the user is
prompted to scan his or her fingerprint. This fingerprint is then submitted to
the central authentication server and verified. If the fingerprint matches the
one the user supplied when first enrolling, the transaction continues and the
SendItSecure software encrypts the message (including any attachments) using
an advanced encryption algorithm. It is then delivered to each recipient using
the existing e-mail infrastructure (Figure 1, steps 1-4). The message is not
stored on or transmitted through the SendItSecure server under normal
circumstances.


When a receiving user opens the message, he or she must also provide a live
fingerprint scan. This scan is verified using the central authentication server in
the same fashion as previously described. If the receiver is successfully
authenticated and authorized, the message can be decrypted on his or her
computer (Figure 1, steps 5-6). As soon as the receiver closes the message, the
unencrypted contents are completely erased, making it impossible for someone
to read the e-mail at a later date without re-authenticating.

Using SendItSecure takes little effort on the part of the user, and the benefits
of truly securing your confidential information far outweigh the small amount
of time needed to scan a fingerprint. Installing the software takes only a few
moments and enrolling the fingerprints is a simple task that can be performed
by the users, usually without the help of IT staff.

Figure 2 - User Being Prompted for Fingerprint Scan

Using SendItSecure to Communicate with Non-Subscribers

“How can I securely communicate with those who do not have fingerprint
readers or are not in the SendItSecure system?” This is easily done using
Secure Message Pickup. When a SendItSecure user sends a secure message to
someone who is not in the system, the message is stored on the secure server
in its encrypted state and using industry-standard SSL connections. The
non-SendItSecure recipient is then notified via a standard e-mail that there is
a secure message waiting for him or her, along with a link to it. When the user
clicks the link, he or she is brought to the secure message pickup site where
the user can view the message, download any attachments, and reply.


To authenticate these “message pickup” users, the sender can choose a secret
question that the recipient must answer correctly to gain access. These
questions are determined by each organization’s administrator and the
expected answers should be something that only the sender and recipient will
know. For a healthcare clinic, one question could be something like “What are
the last six digits of your health insurance policy number?” Other institutions
may have a completely different set of questions.

Once a message pickup user authenticates for the first time, he or she creates
a password that is used for receiving future secure messages. This password
can be changed at any time and is now only known by that user.

This message pickup mechanism uses only a passphrase for authentication,
potentially reducing the security of messages sent using it. However, there are
many instances where this is necessary, so care should be taken when using it.
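
One way a pickup site could apply that care to the secret-question step, shown as an added example that is not SendItSecure's code or anything published by SafeLive. The class name, the five-attempt lockout, and the PBKDF2 work factor are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 5          # assumed lockout threshold, not from the whitepaper
PBKDF2_ROUNDS = 200_000   # assumed work factor


def _normalize(answer: str) -> bytes:
    # Ignore case and all whitespace so "12 34 56" matches "123456".
    return "".join(answer.split()).lower().encode("utf-8")


class PickupChallenge:
    """Secret-question gate for one pending message (hypothetical class)."""

    def __init__(self, question: str, expected_answer: str):
        self.question = question
        self._salt = os.urandom(16)
        # Keep only a salted, slow hash of the answer, never the answer itself.
        self._digest = self._hash(expected_answer)
        self.failures = 0

    def _hash(self, answer: str) -> bytes:
        return hashlib.pbkdf2_hmac(
            "sha256", _normalize(answer), self._salt, PBKDF2_ROUNDS)

    @property
    def locked(self) -> bool:
        return self.failures >= MAX_ATTEMPTS

    def verify(self, answer: str) -> bool:
        if self.locked:
            return False  # refuse further tries; the sender must re-issue
        # Constant-time comparison avoids leaking how much of the hash matched.
        ok = hmac.compare_digest(self._hash(answer), self._digest)
        self.failures = 0 if ok else self.failures + 1
        return ok


def guess_success_probability(digits: int, attempts: int = MAX_ATTEMPTS) -> float:
    """Chance that blind guessing of an n-digit answer succeeds before lockout."""
    return min(1.0, attempts / 10 ** digits)
```

A six-digit answer such as the policy-number example has only one million possible values, so without the attempt limit it could be enumerated online; with five tries allowed, blind guessing succeeds with probability 5 in 1,000,000.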

Using SendItSecure to Securely Transmit Large Files

Traditional e-mail systems do not handle large files easily. Many e-mail
providers limit the size of file attachments to 20 MB, 10 MB, or even down to 1
or 2 MB. SendItSecure provides an alternate method to deliver large files by
transmitting the encrypted large file data through the SendItSecure server,
instead of through standard e-mail. To the users, it looks and acts just like a
regular e-mail attachment except that they can attach files of any size, even
into the gigabytes.

This is particularly useful and convenient when sending medical records,
technical designs, and other common business documents. You can confidently
send and receive files of any size using this highly secure medium.


Conclusion

E-mail is a tremendously useful and valuable means of communication. This
convenience has caused businesses and organizations to depend on it for
day-to-day, mission-critical operations. Unfortunately, the inherent security
risks when transmitting sensitive and confidential information through e-mail
limit its usefulness. This private information needs to be protected using the
easiest, most secure, and most cost-effective method possible.

SendItSecure, by SafeLive Corporation, achieves these security requirements by
employing accurate, simple-to-use fingerprint biometrics and advanced
encryption algorithms. Adding this additional security will reduce the risk of a
data breach that could result in an avoidable cost to your organization. Using
SendItSecure will ensure that the data you transmit through e-mail remains
private and secure, without introducing the burden or expense of complex
infrastructures.

For more information on securing your organization’s e-mail, please contact us at:

Tel: (715) 246-5808
Toll-free: (800) 642-5808
Web: http://www.SafeLive.com
E-mail: sales@safelive.com
