Our sales staff have been asked this question countless times. It is a natural assumption that because SSL and TLS encryption of email (and web sites) requires use of an “SSL certificate“, that one must buy an SSL certificate in order to use such a service. Fortunately, the answer is always
You do not need to buy your own SSL certificate to use secure email.
Read the rest of this post »
When sending outbound email from an email program (like Outlook or Thunderbird) or from a mobile device (like iPhone or Blackberry) that is not using Premium MobileSync, your program or device connects to our outbound email servers using an Internet protocol called “SMTP” (The Simple Mail Transport Protocol).
An email server, however, does lots of different things in addition to sending outbound email. It may allow checking of email via POP or IMAP, or checking your address book using LDAP, or other things. So, when your email program connects to the server it has to specify what it wants to do (i.e. send an email). It does this by connecting to a numbered “port” on the server. Port number “25” is the Internet standard for “regular outbound email”.
However, because port 25 is standard for outbound email, many ISPs, wifi networks, hotels, airports, and other locations that provide Internet access will arbitrarily block any connections to servers (except perhaps their own) on port 25 in order to stop spammers from using their services for the sending of spam, viruses, or malware and to prevent their IP addresses from being black listed.
Read the rest of this post »
You thought email was a simple concept, but you are at once confronted with a plethora of acronyms and jargon like POP, IMAP, WebMail, Aliases, Forwards, SMTP, IMAP, POP, Quota, SPAM, TLS, SSL, Archival, and more! This article describes the ins and outs of email, explains these terms, and helps you figure out what services and features you need from your personal or business email service provider.
Read the rest of this post »
The Secure Socket Layer, SSL for short, is a protocol by which enables services that communicate over the Internet to do so securely.
SSL has recently been replaced by TLS (Transport Layer Security). TLS is newer and more secure than SSL (See TLS vs SSL: What is the difference?); however, from a lay-person’s perspective of “how does it work,” they are functionally the same. We use the term “SSL” to refer to both TLS and SSL in this article for simplicity.
Before we discuss how SSL works and what kinds of security it provides, let us first see what happens without SSL.
This is, for example, what happens when you go to any web page whose address begins with “http://” (and not “https://”).
Let us compare communications on the Internet and communications between people over the telephone. Without SSL, your computer-to-computer communications suffer from the same security problems from which your telephone communications suffer:
Read the rest of this post »
Email and other data are either being “transmitted” or “processed” or are “at rest.” I.e., it is moving from one computer to another, stored/at rest on a computer, or preparing to be transmitted or stored.
While most types of compliance regulation, such as HIPAA, specifically require that data be transmitted securely, not all regulations require that data be stored in an encrypted form while at rest. I.e., HIPAA does not require at-rest encryption, though it is recommended to decrease risk and potential liability in some situations.
Having your email and other data encrypted while at rest can potentially increase the security of that data, even if that level of security is not explicitly required. As a result, many LuxSci customers have asked how to ensure that all of their email and other data are encrypted while at rest.
Read the rest of this post »
