" s/mime Archives - Page 3 of 4 - LuxSci

Posts Tagged ‘s/mime’

Stopping Forged Email 4: Your Last Resorts

Wednesday, March 4th, 2015

In previous posts we have examined how hackers and spammers can send forged email and how it can be extremely difficult to differentiate these messages from legitimate messages.  We have looked at the various common techniques for anti-fraud such as SPFDKIM, and DMARC and seen that, while these technologies can help a lot, they all have limitations; they all require strict and proper setup by the owner of the purported sender’s domain, and they must be well supported by your own spam filtering system.

Yet even with these technologies, it’s not hard in many cases for a determined attacker to send you a forged, fraudulent email message that still looks and feels legitimate.

What else can you do to validate email messages and protect yourself from phishing or social engineering attacks?

Read the rest of this post »

SMTP TLS vs Secure Message Pick Up: Which is Better for HIPAA?

Wednesday, November 12th, 2014

There are many methods for sending an email message securely. These generally vary in terms of the degree of security vs how easy they are to set up and use. The two most common email encryption methods include:

  • SMTP TLS: Encrypting the message only while it is transmitted between the sender’s and the recipient’s servers.  See: SMTP TLS: All about secure email delivery over TLS.  Note that SMTP TLS is only supported by some email service providers.
  • Secure Message Pickup:  Sending the recipient an email notice with a link. The recipient clicks on the link and goes to a secure web site to authenticate and access the message. (LuxSci call’s this method “Escrow”). Secure Message Pickup allows one to send a secure message to anyone.

Other methods, such as PGP and S/MIME, are also in wide use. However, these require a lot more setup and collaboration between the sender and recipient. The above two methods are most commonly used for sending messages to people that you have not otherwise communicated with.

So, which is better? How does that answer change when HIPAA compliance is involved?

Read the rest of this post »

Ensuring all data is encrypted at rest with LuxSci

Friday, May 10th, 2013

Email and other data is either being “transmitted” or “processed” or is “at rest.”  I.e., it is moving from one computer to another, or it is stored/at rest on a computer, or it is preparing to be transmitted or stored.

While most types of compliance regulation, such as HIPAA, specifically require that data be transmitted securely, not all regulations require that data be stored in an encrypted form while at rest.  I.e., HIPAA does not require at-rest encryption, though it is recommended to decrease risk and potential liability in some situations

Having your email and other data encrypted while at rest can potentially increase the security of that data, even if that level of security is not explicitly required.  As a result, many LuxSci customers have asked about how to ensure that all of their email and other data is encrypted while at rest.

Read the rest of this post »

Encrypting Sent Email — An Often Overlooked Part of End-to-End Encryption

Wednesday, September 26th, 2012

You are proactive and security conscious.  You use end-to-end encryption software, like PGP or S/MIME or LuxSci SecureLine, to send your sensitive messages to their destinations, ensuring that the message content is encrypted the entire way … because otherwise, email is just plain insecure.

Oh – but what about the copies of these messages saved to your “Sent Email” folders?  Are they encrypted or secure?  Should they be?

Read the rest of this post »

Can You Make Your Email More Secure?

Wednesday, August 26th, 2009

LuxSci offers many options for email security. Whether it is PGP, S/MIME, LuxSci’s SecureLine end-to-end email encryption, or forced secure logins over SSL, LuxSci can guide you in making the best choices for secure and safe email.

End-to-end email encryption is one way to ensure that your email can only be read by the intended recipients. SSL and TLS connections are secure, but only to a point. While you can ensure that your users connect securely to LuxSci’s servers, who is to say that your recipient’s connection is secure? With LuxSci SecureLine, even if the recipient’s connection isn’t secure, you can be assured that your message is sent securely and can only be read by whom you intended.

Read the rest of this post »

LUXSCI