The sheer amount of email that flows across the internet every day is staggering, but what’s all too easy to overlook is just how insecure this form of communication actually is.
Often email delivery is compared to traditional paper post in that there is an envelope containing a letter, there are senders and there are recipients. In reality, the comparison is much more similar to a postcard.
Aarrgh! Everybody’s watching! Freak out!
When you send an email, at every point on its path across the Internet, that entire message is freely accessible to anyone who feels the need to view it. This can be done without any indication to the sender or recipient, and may well be happening right NOW!
OK, I’m possibly being dramatic so let’s not get too paranoid! 90% of the time we’re not really sending anything that’s so private it would be devastating for somebody else to read, but have you ever sent information like bank account details, passwords and the like? I doubt you’d be too quick to send those on a post card.
Enter email encryption
There has always been a solution to this issue of security, and its encryption.
PGP ( Pretty Good Privacy) is the one you’ll often hear about, however, while this will protect the message and contents from prying eyes, historically I’ve always found it to be a real pain to configure properly.
Some people will make do with password protected document files, and email those. but this is not anywhere near as secure and lets face it, it still a pain, when you’re sending response after response in an email thread.
Virtru “Simple Email Privacy”
Virtru is a third party hosted service that offer an alternative to the above. It’s one of a few hosted solutions of this type out there and we’ve found it lives up to it’s name. It really is simple, without compromising on the security side of things.
Exchange alternative, MDaemon Messaging Server now includes Virtru integration within its WorldClient Web Interface.
If you’re an Outlook user, you can also use Virtru via a simple add-on, plus there’s a web-based version and apps for iOS and Android should you want to read encrypted emails on the go.
Using Virtru within WorldClient
In order to start using Virtru Encryption within WorldClient you need to be running the ‘WorldClient’ theme.
Step 1 Open Settings by clicking on the cog icon
Step 2 Choose Compose Options
Step 3 Enable Virtru Support under the compose Options and choose Save
Step 4 MDaemon will now initiate and manage the registration process, this usually only takes a few seconds …
Step 5 Virtru is now set up. To use, simply compose a new message and tick the small ‘V’ icon.
Step 6 On sending the message, you should see an encrypting symbol, which should only hang around for a few seconds…
How does Virtru secure messages? I haven’t even created a password
Virtru uses a very clever key management system that only requires a one time verification process using your email address.
In basic terms..
Step 1 A user starts to use a Virtru client, at which point they must first register with the Virtru servers by passing their email address.
Step 2 Virtru generate a one-time response email.
Step 3 The user receives this email and the Virtru Client automatically uses the data it contains to verify the account.
Step 4.The user is now verified with Virtru and is assigned an encryption key to be used for the next message to be sent.
The important bit here is that every time a message is encrypted, a new encryption key will be assigned and used.
On receiving a Virtru encrypted email, the recipient is invited to register their email address and then can either decode the message within a browser window or choose to install one of the various Virtru clients.
The Outlook Add-on
As well as the WorldClient Integration for MDaemon, Virtru also provide additional add-ons for Clients including an excellent Outlook add-on that works great alongside MDaemon’s Outlook Connector.
The add-on is very simple to use and once installed, simply needs the user to go through a quick account verification to confirm the email address is valid.
Along with the ability to encrypt individual emails within the Outlook add-on you can also select what text to send within un-encrypted personal Introduction section of the email and also whether to allow forwarding and whether the message should expire after a set time. Its worth noting these features are free for 14 days after which the paid for pro version of Virtru is needed per account.
Virtru Clients are available for a range of Platforms including Outlook, Chrome,Firefox,IE 10+,Safari,iOS 7/8, Android 4.0+ and Mac Mail.
Click here to download any of the clients
What’s in the “Pro” version?
The Virtru Integration currently provided by MDaemon only requires the basic free Virtru account, and so new accounts are created automatically as needed for each email address in MDaemon that has the option enabled.
This works really well, but there are additional features that Virtru offers that can be unlocked if you choose to upgrade your account with Virtru Directly.
These include the ability to revoke existing email, control whether an email can be forwarded by the recipient, set email expiration dates and more.
By default all Virtru accounts get these Pro features free for 14 days at which point they revert back to the basic free offerings.
I hope you found that a useful post, I think it’s likely Alt-N will be evolving this integration further so I’ll no doubt be back shortly with more information around what they have planned.
If you have questions or feedback, feel free to use the comments below.