Choosing the right small business email encryption solution can be maddening. There are so many products out there, it can make your head spin. So which small business email encryption software should a business owner chose?
Let’s establish how you wish to use email encryption. You don’t want to force your recipients to install special software and you want a product that boosts compliance because it is easy for your staff to use with their existing email application. You also want your staff to send emails from their current applications (as opposed to logging into a custom email client). This helps narrow down your choices to software that acts as a plug-in to your desktop email client like Outlook.
There are many email encryption products that function as Outlook plug-ins, and they approach email encryption in various ways. One method, which bundles up your file attachments into a self-executing .exe zip file, has fallen out of favor since executable file attachments are often rejected by email servers and virus protection software. Three other methods, grouped by the general type of delivery method used, are described below.
This is probably the most popular method. Compose your email in Outlook, click on the plug-in’s icon, and your entire small business email is automatically sent to an encryption server in your local network or in the cloud. The server then encrypts the contents and stores them. Some products then email an encryption key to your recipient embedded in a link. In other cases an email is simply sent with a link to a portal. When the recipient clicks on the link, it starts the process of authenticating the recipient after which the recipient is allowed to view and/or directly download the message. Authentication of the recipient can be automatic (for example by automatically matching the email address with a unique message id and encryption key embedded in the link) or by requiring the recipient to enter a username and password.
• Your recipients do not have to install any special software.
• Portals are useful for transferring very large files.
• The email message and file attachments are no longer secure once they are decrypted.
• The sender often has very little control over which parts of their email are encrypted.
• Your recipients will have to switch away from their email client and open a browser to view the message….can be very annoying when checking emails in a rush.
• Your recipients may have to go through the trouble of creating an account, or going through the typical “forgot password” hassle.
• In some cases your email recipients can only view the email in a special proprietary interface of the encryption software, rather than having the email displayed in their normal inbox.
There are many products which use variations of this method. Check out Cryptzone, Enlocked and Leapfile. Prices vary, and are typically over $100 per user per year.
Method 2 – PDF delivery
This method uses PDF technology to encrypt your file attachments. One version of this method converts each attachment into a PDF file which is then encrypted with a password. Another version bundles your file attachments into a PDF envelope or container so they are now reduced to a single PDF file, though the individual files within the envelope are not encrypted. The recipient clicks on the PDF attachment and enters the password. Passwords may be randomly generated, or be created by you, or by the recipient.
• The recipient does not have to log into a portal, nor switch from their email client to a browser to retrieve the attachments.
• If the file is individually converted to an encrypted PDF document, it will remain encrypted even after delivery to the recipient.
• Although the file attachments are protected, the email message itself is unencrypted, so if you type text or insert pictures or tables directly into your email message body, these will not be encrypted.
• If the file is converted to a PDF document, the recipient will not be able to edit and redline the content with the functionality of the native application that the sender had used. For example, if you convert an Excel spreadsheet or PowerPoint presentation to PDF, it loses its native functionality and makes it difficult for the recipient to collaborate with you.
• If the files are instead wrapped in a PDF envelope, then the file attachments themselves are no longer secure once they are extracted from the PDF envelope.
Products using this approach include Privasphere, Symantec and Sophos. You can expect to pay upwards of $110 per user per year.
Method 3 – Normal delivery
Using this method, your small business email is delivered to your recipients in their Inbox like normal, just the way you composed your email. The encryption is done using the native encryption of the software you used to create the file, so your password-protected files remain in their native format (WORD, Excel, PowerPoint). The neat part is that you can even choose to encrypt the email message you typed in your Outlook….the message is converted to a password-protected WORD file. Passwords can be pre-assigned to the recipient and associated with a hint, which is automatically sent by a second follow-up email.
• Files retain their native format after encryption, so your recipient can open them using WORD, Excel or PowerPoint as the case may be. Your recipients can freely edit the files, send you redlined comments etc. Works great when you are collaborating with each other.
• You can type confidential information, insert tables and pictures directly into your email message body and convert it into a password-protected file attachment. Saves the trouble of creating a separate file in WORD and then attaching it to an email.
• This method is hassle-free for your recipients, since they can open the email and attachments directly from their Inbox.
• The file attachments remain encrypted even after delivery, since each file is individually protected with the password.
• The product that uses this method, called docNCRYPT, currently only supports the Windows version of Microsoft Outlook on the sender side. Mac is not currently supported.
• Also, a sender will need to have Microsoft Office installed to be able to encrypt WORD, Excel and PowerPoint files.
Prices are a very reasonable – $75 per license Check out docNCRYPT.
Conclusion. Most small businesses use Microsoft Office on their Windows desktops for word processing, spreadsheets and presentations and use a free service like Dropbox or SkyDrive to transfer large files. If that profile fits your situation, docNCRYPT is going to be your best (and least expensive) choice since password-protected files remain encrypted in their native formats. If the profile doesn’t fit, you will have to live with the reduced functionality of the other products mentioned in this article.