Have you ever wondered where an e-mail goes after you click that familiar, little send button?
My Geek, Inc. will fill you in on a little secret; The e-mails you send or receive don’t go directly to your intended recipient or come directly to you from the sender. In short, e-mails transverse the World Wide Web.
We know what you’re thinking, of course e-mails are sent and received through the internet. But what exactly does that mean and what are the risks?
After you click send on an e-mail, the data contained in your message including any e-mail attachments is either sent to an on-premise mail server on your network or over your local network to a router like device on your network. Once received by the router on your network, it gets pushed to the Internet Service Provider. From the ISP, the data travels across miles of cabling and through multiple network devices including switches and routers until it reaches the recipient’s mail server where it gets put into their mailbox.
If you use an e-mail service provider such as Microsoft Office 365 or Gmail the e-mail flows to that service’s network where it goes over more cable and more network devices until it reaches their mail server. Once at their mail server it gets pushed back out to the internet again and again it’s routed over miles of cabling and more network devices until it reaches the designated recipient’s mail server.
Many people don’t understand the risks of e-mail and the fact that by default, most e-mail isn’t secure. E-mails are sent in plain text and are therefore inherently vulnerable. ISPs or employers also have the ability to archive or backup e-mails that are transmitted over their networks. Then there’s the risk of human error; E-mails can be accidentally misaddressed and sent to the wrong recipients.
At any point during an e-mail’s journey it is susceptible to a “man in the middle attack”. An attacker can pull that data from the “wires”, servers, routers or switches. Once this interception has occurred, the e-mail can be altered, forwarded, redirected or have the data taken. The consequences of this vulnerability can be steep, including ruining you or your company’s reputation to the all dreaded identity theft.
If privacy is important to you and it is to most of us, especially those in medical, law and housing related industries who frequently need to send e-mails that are comprised of sensitive data like personally identifiable information, legal agreements, bid contracts and anything in between, then there are a few solutions to securing your e-mail transmissions.
- Digitally signing e-mails
- Encrypting e-mails
- Utilizing a secure e-mail service
Digital signing enables a recipient to verify that an e-mail indeed did come from the original sender. Encryption enables a sender to sign an e-mail with a private key, keeping the e-mail encrypted until it arrives to the intended recipient who has your public key and is able to decrypt the contents of the e-mail. Both of these options are relatively inexpensive to implement and will keep your communications with intended recipients or senders safe and secure.
If you’re in an industry that is bound by policies such as HIPPA Compliance, you may need a pre-established secure e-mail solution in order to abide by these policies. These types of services will allow for secure e-mail transmissions that protect you and your clients.
With the skyrocketing amount of data breaches in our present time and the risk of being a victim to one of these costly attacks exponentially greater than it used to be, it’s our responsibility to protect ourselves, our companies and our customers. My Geek, Inc. is a valuable partner and resource to you and your clients as we will help you implement the perfect solution in order to mitigate these risks. Now is the time for us to have a conversation regarding your current e-mail security posture, needs and what we can do to help. Get in touch today!