While messaging apps may have become more popular over the last ten or so years, email remains an essential method of communication, particularly for businesses. Despite its widespread use, there are many security problems associated with regular email: Message Tampering False messages are a significant threat, particularly regarding business and legal issues. Imagine someone else […]
This question came in via Ask Erik: Hi Erik, I stumbled upon your blog while trying to learn a little about SSL/TLS in the context of client/server e-mail sessions, i.e. not web mail which I understand to be an HTTP session. I am just an ordinary user with no special security needs but I find […]
Here is a question from “Ask Erik:” Dear Dr. Kangas, When I write an email to a patient from my LuxSci account, it is encrypted and therefore HIPPA compliant. When they write me back from their regular email address (it’s often hard to get them to sign up at LuxSci), they are putting [PHI /Medical […]
SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are foundations of security on the Internet. However, between colloquial usage and the relationship between these security protocols, there is a lot of confusion regarding how they are related, how they are different, and what to use in what situation. For a detailed analysis of these […]
Data Loss Prevention (DLP) describes a plan for companies to control the sending of sensitive data. E.g. this can include controls to stop the flow of sensitive data or to ensure that sensitive data is always well-encrypted (for compliance) when sent. In the context of email, DLP is usually achieved through the following formula: Construct a […]
