Andrew Milich / 9.20.2022

What is encrypted email, and is it secure?

Encrypted emails are a necessity for privacy and cybersecurity. Learn everything you need to know about using encrypted email providers and other good email security practices.
With ever-rising cybersecurity risks, encrypting email to prevent exposure, misuse, or exfiltration of sensitive data is a necessity. Given this need, more consumers are looking for simple, intuitive, and easy-to-use products, encrypted mail providers, and encryption solutions that protect their personal and business communications.

In this article, we’ll walk through the basic reasoning behind why you should consider email encryption for every email you send and receive. From there, we’ll cover some common FAQs about different kinds of email encryption, including both network level encryption, as well as message encryption via PGP and other encryption protocols.

Finally, we’ll cover common end-to-end encrypted email providers, which provide total email privacy directly inside their applications, and explain how to set up privacy respecting email accounts with simple and intuitive providers.

Why encrypt email?

Email is a form of communication that is often used for sensitive or personal information. If our email communications are not private, we can be at risk of having our personal information exposed to others. This could lead to identity theft, fraud, or other malicious activity. Additionally, if our email communications are not private, we may be at risk of having our email accounts hacked. This could lead to our email messages being read by unauthorized individuals, or our email accounts being used to send spam or phishing emails to others - which could impact your friends, family members, or colleagues.

Email privacy is also important because it can help to protect our freedom of expression. If we know that our email communications are private, we may feel more free to express our opinions and share our thoughts without fear of reprisal. Additionally, email privacy can help to protect our relationships with others. If we know that our email communications are private, we may feel more free to share sensitive or personal information with our contacts. This could lead to stronger relationships and deeper levels of trust.

Today, our inboxes store more personal information than our homes. Read on to learn more about email security, email encryption, and how to set up secure email practices and use encrypted email providers.

Is email secure by default?

Generally, people credit Ray Tomlinson with sending the first modern email in 1971. At first, email was built for interoperability and facilitating communication, without a significant investment in security and encryption. In fact, in the 1970s, although basic encryption and decryption methods existed (and were becoming increasingly sophisticated), end-to-end encryption was not built into any internet services at the time.

In fact, even network traffic, which we now expect to be secure via innovations in TLS and SSL, was sent unencrypted, leaving significant vulnerabilities for internet users. This vulnerability prompted a series of warnings to not use public wifi (as your login credentials or plain text credit card number could be compromised) and to set up a personal VPN for all of your network usage.

What keeps network traffic secure?

Given the massive possible security problems that could stem from malicious actors intercepting network traffic, protocol-level changes were made to secure this traffic from unauthorized use. TLS (Transport Layer Security) is a cryptographic protocol that provides communications security over the Internet. It is the successor to the SSL (Secure Sockets Layer) protocol and is widely used in web browsers and other applications that require data to be securely exchanged over networks. TLS uses a combination of public-key and symmetric-key cryptography to encrypt data and ensure its integrity. It also provides authentication, which verifies the identity of the parties involved in the communication. When using unencrypted email providers, like Google Gmail or Microsoft Outlook, network traffic remains protected via TLS.

What’s encrypted email?

Encrypted email is email that has been encrypted in order to protect the content from being read by anyone other than the intended recipient. Email encryption is a process of transforming readable email into unreadable text using an encryption algorithm. The purpose of encryption is to ensure that only the intended recipient can read the email, and nobody else.

There are a number of different encryption algorithms that can be used to encrypt email, and the most popular ones are PGP and S/MIME. PGP (Pretty Good Privacy) is a public-key cryptography system that uses a combination of symmetric key cryptography and asymmetric-key cryptography. S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of email. Email encryption is important because it protects the content of email messages from being read by anyone other than the intended recipient. It is especially important for email messages that contain sensitive information, such as financial information or medical records. Email encryption is also important for email messages that contain confidential information, such as business secrets or personal information.

There are a number of different ways to encrypt email. In the past, email encryption software programs were popular, such as PGP or S/MIME. These email encryption programs work by encrypting the email message using an encryption algorithm and the recipient’s public key, and then sending the encrypted email message to the recipient. The recipient can then decrypt the email message using their own email encryption software and corresponding private key. Digital signatures can be used in email encryption to verify the authenticity of email content.

Today, PGP has become generally uncommon due to high complexity and a generally unintuitive user interface that requires individuals to safely store and maintain their own encryption keys.

Another way to encrypt email is to use an email service that supports email encryption, which has become a significantly more popular, intuitive, and trustworthy method for online communication. Skiff, for example, offers full end-to-end encrypted email built into their consumer email product. When you send an email using Skiff, the email is encrypted using recipients’ public keys. The recipient can then decrypt the email using their own private keys, which are only accessible to them.

Email encryption is important because it helps to protect the content of email messages from being read by anyone other than the intended recipient. When transferring sensitive information, whether it be family communications or medical records, email encryption is a critical privacy-respecting technology we recommend in all cases. In a business context, the stakes may also be significantly higher, as you must protect both client information and trade secrets.
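
The hybrid scheme described above (a symmetric cipher for the message, the recipient's public key for the message key, and a digital signature for authenticity), shown as an added example with Node.js's built-in crypto module. This is not Skiff's code and not the OpenPGP or S/MIME message format; the function names, the RSA-2048 and AES-256-GCM choices, and the sample message are assumptions made for illustration.

```javascript
// Added illustration: sign, then encrypt to a recipient (hybrid encryption).
// Simplified envelope, NOT the OpenPGP or S/MIME wire format.
const crypto = require('node:crypto');

const SIG_LEN = 256; // an RSA-2048 signature is always 256 bytes
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Sender: sign the plaintext, encrypt signature + body under a fresh one-time
// AES-256-GCM session key, then wrap that key with the recipient's public key.
function encryptMail(plaintext, recipientPublicKey, senderPrivateKey) {
  const body = Buffer.from(plaintext, 'utf8');
  const signature = crypto.sign('sha256', body, senderPrivateKey);
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(signature), cipher.update(body), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Recipient: unwrap the session key with the private key, decrypt (GCM throws
// if the ciphertext was modified), then verify the sender's signature.
function decryptMail(msg, recipientPrivateKey, senderPublicKey) {
  const sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  const plain = Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
  const signature = plain.subarray(0, SIG_LEN), body = plain.subarray(SIG_LEN);
  const signedBySender = crypto.verify('sha256', body, senderPublicKey, signature);
  return { text: body.toString('utf8'), signedBySender };
}

// True if the message decrypts with this private key, false if it is rejected.
function canRead(msg, privateKey, senderPublicKey) {
  try { decryptMail(msg, privateKey, senderPublicKey); return true; } catch { return false; }
}

// Constructed sample: Alice writes to Bob; Eve holds a different key pair.
const alice = newKeyPair(), bob = newKeyPair(), eve = newKeyPair();
const mail = encryptMail('Lab results attached.', bob.publicKey, alice.privateKey);
const opened = decryptMail(mail, bob.privateKey, alice.publicKey);
const tampered = { ...mail, ciphertext: Buffer.from(mail.ciphertext) };
tampered.ciphertext[0] ^= 0x01; // flip one bit in transit

console.log(opened);
console.log('Eve can read:', canRead(mail, eve.privateKey, alice.publicKey));
console.log('Tampered copy accepted:', canRead(tampered, bob.privateKey, alice.publicKey));
```

Only the holder of Bob's private key can recover the session key, which is why a provider that stores just the envelope cannot read the message.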

Choosing an encrypted email provider

There are a number of encrypted email products available that provide different levels of security and privacy. Some of the most popular encrypted email products include Skiff, ProtonMail, Tutanota, and Hushmail. All providers below offer a series of native apps, including iOS, Android, macOS, and more.

Skiff is a privacy-first, end-to-end encrypted email provider that stores all emails with zero-access encryption, meaning the company can never access or read your mail. Skiff also offers 10 GB of storage on their end-to-end encrypted collaboration and file storage platforms (Skiff Pages and Drive).

ProtonMail is a user-friendly email service that offers end-to-end encryption and zero-access encryption. The company also offers accompanying products, like a VPN, to encourage more secure internet browsing. ProtonMail uses OpenPGP for encrypted email communication.

Tutanota is another popular encrypted email service that offers end-to-end encryption. This means that your emails are encrypted before they even leave your device, and only you have the keys to decrypt them.

Hushmail is a Canadian-based encrypted email service that offers both end-to-end and zero-access encryption. Hushmail also offers a secure email client for iOS and Android devices. Generally, Hushmail is marketed more toward specific use cases, such as healthcare.

Conclusion

Email encryption is a critical cybersecurity safeguard to protect your information from unwanted viewing, interception by third parties, and future possible misuse. A number of additional features have become good practices for communicating securely as well, such as sending password protected emails, expiring emails after a period of time, and securing your accounts with two-factor authentication and hardware keys.

We highly recommend investing in these additional security features and particularly in 2FA and hardware keys. In particular, 2FA adds an additional layer of login protection to your account, reducing the chance of identity theft, leaked or repeated password use, or failed compliance checks by third parties.

Whether you're sending sensitive information or just want to keep your personal messages private, encryption is a great tool for protecting your communications. If you’re looking for a dependable end-to-end email encryption service, try out Skiff for free.