28 December 2015

How to Select Email Encryption Software? 4 Practical Questions to Answer Before Making a Choice.

Every day, we field phone calls, live chats and (unencrypted) email messages from people who are in search of information about email encryption.  The caller will usually begin their Q&A with a very general statement such as, "I need to encrypt emails. Tell me how to do it."

Because Encryptomatic LLC has been helping people encrypt sensitive emails for more than a decade, this is where I usually pause the conversation to get more information.  By the time I get to speak to the caller, they have already been overwhelmed with arcane terms, even more arcane encryption technologies, government regulations that threaten terrible consequences, prices that range from hundreds of thousands of dollars to free open source software, and they are confused.

Before I frustrate them any further, I ask them four questions that will help me determine whether or not any of our products are a fit.

1. Which email client, if any, do you or your organization work with?

Start with your email client and work backwards.  If you represent a company with 1,000 desktops, and everyone is a seasoned Microsoft Outlook user, then you really want to find a solution that works well with Outlook. Likewise, if you use Thunderbird, or Gmail, that's where you should begin your search.

2. What regulations bind you?

Understanding the requirements of your industry is crucial.  Don't take shortcuts. It will serve you well to make a knowledge investment here.  Convince your boss to send you to that industry security conference so that you can obtain this expertise for your organization. Beware of any sales people who tell you that they are already "compliant," and that you can just trust their self-certified software.  While you can certainly take their advice (or my advice for that matter), what your organization needs is an in-house expert who has some exposure to the industry regs that bind you. Also be aware of compliance and archiving requirements for your industry.

3. Who will be receiving your encrypted messages?

Don't forget that sending encrypted emails is only half of what is required.  You can send secure emails all day long, but it won't help if the recipient cannot receive your messages.  Understand who is the intended recpient, and how much work are they willing to do to open your messages.  Do they share your motivation to encrypt email messages?  It is different to ask someone who is tech saavy to install encryption software versus someone who is a casual customer. Make sure that your important intiative to protect email communications doesn't fail at the point of reception.

4. Who are you willing to deal with?

Selecting email encryption software for your organization is a big commitment in training, implementation and processes. It means partnering with your supplier to protect crucial communications.  Don't choose the wrong company to work with. Encryption software will need regular updates. You will have questions and need answers, so make sure they answer the phone and respond to emails.

Open source software is great for the right companies,  especially those with a developer on staff who understands encryption and can fix bugs along the way. If that's not your company, then working with a software publisher that issues updates and can respond to your customization requests will be important.

Which Email Encryption Solution is Best?

If there was a single answer to that questions, your job would be easy.  You could just go into the market and find the best price and voila! Problem solved.

As you no doubt have discovered, there are many different approaches to email encryption. Lets break a few of them out.

Pretty Good Privacy, or PGP has been around since the 1990's and is still generally considered to be both the most secure method of email encryption, as well as the most difficulty. In this case, high security equals high difficulty.  PGP is supported by both large corporation entities such as Symantec as well as a core of dedicated open source encryption enthusiasts with a passion for privacy.   Each person has a public key that they share with the world, and a private that they keep safe and secret.  Anyone can encrypt an email for you using your public key, then you use your private key to unlock that message. The math is complicated, but it works very well.  Just remember: share you public key, and protect your private key.

Encryptomatic Open PGP add-in for Outlook, shown in Outlook 2016 toolbar.
OpenPGP Add-in for MS Outlook

Encryptomatic LLC has contributed to OpenPGP with an add-in designed specifically for Microsoft Outlook users.  We wanted to make it accessible, so Encryptomatic OpenPGP for Outlook is free for personal use, journalists, activists and non-profit organizations, and affordable for everyone else. You can learn more and try it free.

Symmetric Key Solutions
There are lots of email encryption solutions that rely on the sender and receiver knowing the same key.  These are generally quite easy to use, but less secure and the key (or password) must be shared privately between the sender and receiver, and this sharing creates a vulnerability.

Symmetric key email encryption has its place. It's easy for recipients.  Encryptomatic LLC has designed a couple of symmetric key email encryption add-ins for Outlook.

MessageLock is useful when both recipients have Outlook and MessageLock. The process of sending and receiving secure messages can be made seamless, automatic and invisible.

Screen image of MessageLock add-in for Outlook.
MessageLock email encryption for Outlook

For cross platform compatibility and ease of use, our PDF Postman solution is hard to beat. PDF Postman encrypted emails and files and places them within an encrypted PDF envelope, which means that any recipient who knows the password and has a device with a PDF reader can open the message.

Image showing PDF Postman message in Gmail inbox.
PDF Postman for Outlook

Email Encryption as a Service
Many companies have discovered that they need something between end-to-end OpenPGP and simple password encryption. That is where a mediated solution might be the best fit.  Encryptomatic LLC operates Lockbin.com, which implements encrypted messaging as a service that enables sending and receiving to anyone.  The recipient does not need special software. A simple and non-invasive signup process for a free Lockbin account is all that is asked of the recipient. Management of public and private keys happens behind the scenes, even while the Lockbin acocunt holder maintains full control over their public/private key pair.

While there are many other service providers in this space, Lockbin differentiates itself through its longevity and through a product set that includes online access via Lockbin.com, an Android app on Google Play, a Java app and an convenient add-in for Microsoft Outlook.

The downside to using email encryption as a service is that it is never trustless. The service provider could, if required by law, capture the credentials and supply them to the demanding authority.

In conclusion...
We hope this has been useful. Feel free to contact Encrptomatic's support and sales people. We will be happy to discuss your requirements, and recommend the best product for your needs as we understand them, even if it is not our own product.  Life is too short for unhappy customers, and so if you are not a good fit for our products, we will tell you so.

If you found this article helpful, please tell us below or feel free to share.

15 December 2015

Becoming an Email-to-PDF Conversion Jedi

When Stars Wars launched in 1977, relatively few people had ever heard of email, let alone received one. Even though other forms of messaging have largely overtaken email in our personal lives, business and customer communications often are sent by email because of it's open characteristics. The same openness that has allowed spam to become a huge problem for email administrators is also what makes it useful for communicating with customers and others who want to do business with our organizations.

At Encryptomatic LLC, we are focused on helping our customers manage their e-mail content. One of the important tasks that help people perform is converting email into different formats. In particular, PDF portable document format.  PDF is everywhere. It's used for storing, organizing and sharing email across platforms.

Our customers frequently find our products after spending days trying to cobble together an email-to-pdf conversion solution. While installing a PDF print driver sounds like a reasonable way to go, and is often cited as the first method that our customers try,  the problems of this method quickly become aparent.

PDF print drivers just can't handle complex email formatting, and they don't offer the functionality that quickly becomes an obvious need:
  • They don't provide custom file naming, forcing you to manually name the files
  • They can't handle email file attachments automatically
  • They can't export email in bulk
  • Bulk exported email can't be organized in subfolders
  • and so on...
Encryptomatic LLC offers products that push the traditional limitations on email conversion, addressing all of the aforementioned problems.  Ten years of listening to our customers and dealing with their issues have helped us to develop an uncommon set of products that help you get your email conversion work done accurately and quickly.

Email messages that can not be accurately read, printed or converted by competitor's products will probably render just fine in our software. If they don't, let us know and we will code a fix.  Over the years our developers have discovered and coded solutions into our products for hundreds of unique and uncommon format exceptions that exist in the wild.

Yes, there are published email specifications that if respected to by all developers would make life much easier for software developers.  The reality,  however is that there are many email clients and applications that produce poorly formatted email content.  Our email rendering engine, MVCOM is probably the most accurate and expansive product of its type ever developed.  MVCOM drives the rendering of email content in PstViewer Pro, and MsgViewer Lite, two of our email viewing products.

For Microsoft Windows Office Outlook users, MessageExport  vastly expands and simplifies converting Outlook email to PDF and many other formats.  It lets you automate routine email export tasks, and perform PDF conversion with uncommon simplicity and utility.

Screen image of MessageExport toolbar in Outlook 2016.
MessageExport add-in for Outlook.

We hope you'll take our products for a test drive. They are well worth the price. It will not take you very long to recover your investment in our products in time savings and productivity.  The average moderately-heavy MessageExport user recovers their investment in about one week.

Thanks for stopping by, and feel free to post any questions for us here. We love to hear from you.

03 December 2015

MessageExport add-in for Outlook, version 4.0 released.

Screen image of MessageExport addin, in Outlook 2016.
Export Outlook emails with MessageExport add-in.

MessageExport was updated today. Version 4.0 is available through the software upgrade service, or at the product home page, https://www.encryptomatic.com/messageexport/

Version 4.0 brings tested support for Outlook 2016, an updated help system and fixes for customer contributed issues.
MessageExport add-in for Microsoft ‪#‎Outlook‬ is the premier tool for exporting, converting and copying Outlook ‪#‎email‬ messages to ‪#‎PDF‬ and many other formats. Convert emails in bulk, individually, or automate the email export process.