In a question recently submitted to “Ask Erik,” John asked:
“How does sending a TLS-encrypted email sometimes become non-compliant? Lets says I send an email from my Office 365 Business account to a gmail.com account which both support TLS encryption. Is it because I do not know what path and what servers the email has to go through? Does each server have to decrypt the email and is that when it becomes non-compliant? I love the Luxsci forms by the way!”
This is a great question! In a recent survey that LuxSci did, less than 50% the people interested in secure email even knew what TLS is and how it works. So it is not surprising that there is a lot of confusion out there about what is acceptable for compliance and what is not.
Read the rest of this post »