Unconfigured Ad Widget

**ocabj** · 04-02-2015, 9:04 PM

If you're using Office 365, you can use Office 365 Message Encryption. Exchange Hosted Encryption is being deprecated for O365 ME.

I'm not on the email team at my org, but they were looking into Cisco Email Encryption. I don't know what happened to that project.

**msternin** · 04-02-2015, 9:56 PM

Originally posted by FresnoRob

Anyone have a recommendation for a user friendly Exchange email message encryption system?
Most I look at will hurt the end users brain to use.
This is for a medium sized client without on site IT support.

Are you looking to do message encryption or message signing or both? Not trying to insult intelligence, but are you familiar with the two?

Certificates are fairly easy to install into Outlook as a client to Exchange.

**the86d** · 04-03-2015, 5:19 AM

Create a word doc then encrypt it with 7zip (AES-256 w/.7z ext, while encrypting the file name inside the archive too), and then attach it, but don't include the passphrase to decrypt in any e-mail sent/received from that account (sneeker-net-only), or anywhere on the machine in plain-text...

Call the file "Places to use eCigs in the office", or "e-mail rape", or "The IT department is..." and make that the Subject too.

OR are you looking for something like this:

Email Self-Defense - a guide to fighting surveillance with GnuPG encryption

https://emailselfdefense.fsf.org/en/windows.html

Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG.

**ocabj** · 04-03-2015, 9:25 AM

Originally posted by the86d

Create a word doc then encrypt it with 7zip (AES-256 w/.7z ext, while encrypting the file name inside the archive too), and then attach it, but don't include the passphrase to decrypt in any e-mail sent/received from that account (sneeker-net-only), or anywhere on the machine in plain-text...

Call the file "Places to use eCigs in the office", or "e-mail rape", or "The IT department is..." and make that the Subject too.

OR are you looking for something like this:
https://emailselfdefense.fsf.org/en/windows.html

This is too 'complex' for regular users. Not to mention, encrypting attachments with a passphrase and having to send that to the target recipient out-of-band is a weakpoint in the workflow.

This is why Exchange / Office 365 secure messaging makes more sense for an environment already using Exchange. Recipients will use their existing credentials to 'decrypt' email, and in the event you have to send an email to a user not in your email domain, the target recipient will create an account or use an account pre-created for them in your Exchange domain for them to access said secure message.

PGP was all the rage in the mid-90s, and public-private key encryption came to the forefront. While we use pub/priv heavily in other ways (e.g. ssh), it never caught on in the mainstream for email due to the user inconveniences and lack of true end to end support with the most widely used mail clients. If the encrypted emails are going to remain within the email domain of the org, then I think pub/priv key email encryption will be feasible, since you can simply control (e.g. mandate) specific email client software (and plug-ins) to facilitate this in the org, not to mention create a local public key repo and/or manage public-key 'wallets' for the end users.

**Satex** · 04-03-2015, 8:22 PM

Originally posted by FresnoRob

Anyone have a recommendation for a user friendly Exchange email message encryption system?
Most I look at will hurt the end users brain to use.
This is for a medium sized client without on site IT support.

Unfortunately, there is no simple way to do message encryption that doesn't cause the brain to hurt.

**FresnoRob** · 04-04-2015, 8:27 AM

Originally posted by ocabj

This is too 'complex' for regular users. Not to mention, encrypting attachments with a passphrase and having to send that to the target recipient out-of-band is a weakpoint in the workflow.

This is why Exchange / Office 365 secure messaging makes more sense for an environment already using Exchange. Recipients will use their existing credentials to 'decrypt' email, and in the event you have to send an email to a user not in your email domain, the target recipient will create an account or use an account pre-created for them in your Exchange domain for them to access said secure message.

PGP was all the rage in the mid-90s, and public-private key encryption came to the forefront. While we use pub/priv heavily in other ways (e.g. ssh), it never caught on in the mainstream for email due to the user inconveniences and lack of true end to end support with the most widely used mail clients. If the encrypted emails are going to remain within the email domain of the org, then I think pub/priv key email encryption will be feasible, since you can simply control (e.g. mandate) specific email client software (and plug-ins) to facilitate this in the org, not to mention create a local public key repo and/or manage public-key 'wallets' for the end users.

Yep. Looking into the Office 365 thanks to all who meantioned it.

Originally posted by msternin

Are you looking to do message encryption or message signing or both? Not trying to insult intelligence, but are you familiar with the two?

Certificates are fairly easy to install into Outlook as a client to Exchange.

Message encryption.

Unconfigured Ad Widget

Email Message Encryption

Email Message Encryption

Comment

Comment

Comment

Comment

Comment

Comment

Calguns.net Statistics

What's Going On