01 September 2015

What is the Best Email Encryption Software For Microsoft Outlook? Four Add-ons Reviewed. (Part 2)

This is the second article in a two part series that examines the four email encryption add-ons developed for Microsoft Outlook by Encryptomatic LLC. I will assume you have absorbed the basic idea between symmetric and assymetric encryption schemes in part one.

Why does Encryptomatic LLC offer four different add-ons for encrypting Outlook email?  Why not just one? Each add-on has a sweet spot based mainly around processes.  It's no use sending a highly secure message to someone who will never be able to read it. Likelywise, if there is very little protection, then the message is probably best left unsent.

All of add-ons, if used responsibly, can provide a high degree of privacy for the message, especially against non-state actors. If you want to protect your message from people inside your company, your ISP, or Google, then any of our addons will suffice.  If you are trying to avoid NSA eavesdropping, then the best answer for you is OpenPGP.

Encryptomatic OpenPGP

 

Our new OpenPGP add-on for Microsoft Outlook will join our product lineup in late 2015. It is currently in beta. If you are interested in trying the beta, please email supportline at encryptomatic.com

We decided to create this product after listening to customers who were required to use OpenPGP to communicate with insurance companies.  They had no choice in the selection of the encryption method; they had to use OpenPGP, and they were struggling with the cost and complexity of installing it.

We also learned that some of the offerings available were simply not working very well in Outlook. They were difficult to use, and referenced outside applications for key management.  While Encryptomatic OpenPGP is still a work in progress, we believe that compared to other addons in the market, ours has the easiest setup and implementation process, a fair price (free for personal use) and a use process that is simple and unobtrusive.

OpenPGP email encryption add-on for MS Outlook.
Encryptomatic OpenPGP addon toolbar installed in Microsoft Outlook
Encryptomatic OpenPGP provide the ability to encrypt, sign and manage keys, and is interoperable with other PGP software.  We recommend Encryptomatic OpenPGP wherever PGP is used, and when security and privacy trumps convenience.  As OpenPGP integrations with Microsoft Outlook go, we think you'll find our software to be the most useable available. If not, please let us know and we'll make it better.


Price: Encryptomatic OpenPGP is free for personal use.  Contact support at encryptomatic.com for business pricing.

Lockbin


Lockbin is a service for secure communication build around convenience, and the ability to send a message to anyone. It is typically used by doctors, lawyers, accountants, transcriptionist,  and other smaller office professionals who need an effective and practical way to communicate with  patients, clients and customers who are not sophisticated enough to implement OpenPGP.

Although Lockbin has a free add-in for Microsoft Outlook, the secure messages can also be retrieved by signing in to Lockbin.com,  on an Android app, or through the Lockbin Java application.

Screen shot showing the icons of the Lockbin toolbar in Outlook 2013.  The icons are titled: Settings, Receive Messages, and Send Request
Lockbin email encryption toolbar in Microsoft Outlook.
Lockbin uses public/private key encryption, but has simplified the process.  All messages on the Lockbin servers are encrypted at all times. No private keys are accessible on the servers, even to staff.

Lockbin gives you the ability to easily send secure messages to anyone. When you want to send a message to someone who is unknown to Lockbin, it will send an invitation to the recipient inviting them to a free account.  The signup process is free, immediate, simple, advertising free and non-invasive. 

Lockbin works best when both parties have a Lockbin account, but you can optionally send a password protected symmetric key encryption message to the recipient.

Price:
There is no charge for the Lockbin add-on for Microsoft Outlook.  Lockbin basic accounts are free. Premium accounts start at $4.95 per month for a single user, with discounts for multiple users.
Download the Lockbin addon for Outlook.

PDF Postman

PDF Postman toolbar in Outlook 2013. Buttons read "PDF Encrypt Email," "PDF Encrypt Files," and "PDF Files."
PDF Postman encryption addon for Microsoft Outlook

PDF Postman is intended as a uni-directional communication process. That is, if you need to privately send a message and/or file to someone who cannot be bothered to sign up for anything or install special software, and a reply is not expected, then PDF Postman may be a good fit for you.

PDF Postman uses the common Portable Document Format, aka PDF files, to protect your messages.  AES-256 bit strong encryption is built into the PDF specification. Any spec compliant PDF reader such as Adobe Reader, can decrypt a PDF Postman message. This is useful because it means PDF Postman messages can be opened across any device platform: Windows, Linux, iOS, Android -- any device that has a compliant reader.

To open a PDF Postman encrypted PDF file, the recipient simply clicks on it. The encrypted PDF file is automatically loaded into the viewer, which recognizes that the file is encrypted and asks for a password.

PDF Exchange viewer prompting "Please enter valid user or owner passwrod for the document."
PDF viewer prompting for a password.
 When the correct password is entered, the PDF message can be viewed.

Price:
PDF Postman is $69.99 for a single license and one year of updates and support.
Download a free trial of PDF Postman

MessageLock

MessageLock toolbar. Text reads, Options, Help, Encrypt Message, Encrypt Attachments, Compress Files.
MessageLock toolbar in Microsoft Outlook

MessageLock is a simple and seamless end-to-end email encryption option for Microsoft Outlook. It is at its best when all users have Microsoft Outlook and MessageLock.

MessageLock can be sent to automatically encrypt messages to other MessageLock users. This is convenient and makes sending secure messages a essentially a background task that does not interrupt the sender or recipient.

MessageLock supports using different passwords for sending and receiving messages. Messages may be decrypted automatically when received and placed in the normal Outlook e-mail list.

If you will be regularly communicating with a small group of other Outlook users and end-to-end privacy is desired, then MessageLock may be right for you.

MessageLock also has an integration with Lockbin, so that you can send and receive messages through the Lockbin service. This makes MessageLock useful as both a end-to-end system, and as a "send to anyone" system.

Price
MessageLock is $49.99 for a single license and one year of updates and support.
A free 15 day trial is available to download.

Which Email Encryption Add-on Is Best?

If you are still unclear which of the four Outlook email encryption add-ons we discussed is best for you,  just try them!  All are available on a 15 day free trial.

If you have any questions, post them in the comments below, or email us our Sales team at sales at encryptomatic.com. You can also call us, 1-651-851-4902.

We are always willing to listen to your situation and recommend the best product to fit your specific situation.






























What is the Best Email Encryption Software For Microsoft Outlook? Four Add-ons Reviewed. (Part 1)

E-Mail encryption has quickly moved into the mainstream. Once the exclusive domain for spies, protecting our email communication will soon be as common as locking the doors and windows to our homes.  When email encryption is not mandated by law to protect certain kinds of data (Patient Health Information, for example), it is still a good idea.

Encryptomatic LLC has helped tens of thousands of companies find practical ways to encrypt email communications end-to-end. This article looks at four add-ons for Microsoft Outlook that our company developed and currently supports.  These add-ons are:


Why did we develop four add-ons, and not just one, especially when they are not compatible with each other?  We believe that the best e-mail encryption is the one that gets used. And while there are differences in overall defendability between the algorithms,  if the solution is so complicated, convoluted and impossible to implement, then it provides no protection in the end.

Each of our products as a "sweet spot" where it does certain things very well, mostly around process and convenience. In this article we will discuss each of our products, why it came to be, and what we see as the sweet spot for that product. By creating four differet products, our intent was not to confuse you, but to build a solution that would be a great fit for your business processes.  So that you will actually use it.

Symmetric versus Assymetric Key Encryption

Before we begin, let me say a few words about email encryption.  If you already understand this concept, then feel free to skip ahead to the next section.

The most difficult part of email encryption for the sender and receiver (outside of setting up the software) is exchanging keys. These keys are used to protect and open messages. An appropriate key is hopefully a very long and random sequence of numbers, letters and characters. Hopefully you would never use a key such as "Password123."  A key can also be computer generated, and split into a public part and a private part using complicated math.

OpenPGP is an assymetric scheme, which means each person particpating has a two keys: a public key and a private key. You are free to share the public key with anyone. You tweet your public key or even post it to Facebook. It is for the world to see. Your public key is used by others to encrypt messages destined for your inbox.  The amazing thing is that only your private key can open messages that have been encrypted with your public key.  It's important to keep your private key absolutely private.  But your public key can be given away to anyone.

In symmetric key encryption schemes are little more simple. The the same password that encrypts a message is used to decrypt the message.  It's sort of like those old movies when some knocks on a door and is asked "What's the password," before they can enter through.  A symmetric key must be kept secret by both the sender and the recipient.  It must also be agreed on between the sender and recipient.  Unless symmetric keys are agreed upon by two individuals in person, smmetric schemes are more susceptible to state actors who can monitor multiple sources of communication. Of course, you should never send the symmetric password in an email. But a state actor could possibly monitor you telephone or instant messaging or other mode of communication used to share the password.

Why use anything else?

If assymetric schemes like OpenPGP are clearly better, why would anyone use a symmetric password?   The trade off is often ease of use. If you are a sophisticated technologist and so are your friends and people you work with, then you should definitely use OpenPGP. No question about it.

But what if you want to send some important tax documents to your Dad, who is not very sophisticated? Ideally, you would invest the time to educate Dad (and maybe even Mom) and help them set everything up on there computer, show them how to generate a public/private key pair.

Depending on your situation, educating Dad and Mom may not be practical.  In this case, if the option is to just give up and say "To heck with it, I'll send it unencrypted," symmetric key (password) encryption is a much better option.  With a symmetric password communicated by phone, your Dad can receive the document and easily open it when it arrives by simply typing in the password.

In Part 2, we will take a look at the four Outlook email encryption add-ons  provided by Encryptomatic LLC.

Continue to PART 2