How Email Encryption Helps to Keep Businesses Safe

Learn how encryption and adopting an email security solution can help defend your organisation against email-based threats.
Organisations across the world are continuously under attack from email-based threats. From sending malicious links containing malware, to deploying highly targeted phishing attacks (whaling), criminals will go to extreme lengths to try to gain access to your network to steal sensitive information, causing financial and reputational damage to your organisation.
This guide explains how you can keep your email secure by using encryption and spam prevention methods. Read on to learn more about email encryption – what it involves, how you can encrypt your emails, and why it matters.




What is email encryption?

Encryption helps to keep your emails safe and secure as they make their way to the intended recipient. The encryption process is usually delivered by your email client (Outlook, for example) when it sends and receives email. 
When you set up Outlook, Apple Mail, Gmail, or whatever system you use, the email client will use TCP (Transmission Control Protocol) to initiate a “handshake” with the email server. During that process, the email client tells the email server which version of encryption it will be running (usually SSL or TLS – more on this below) as well as what compression methods and processes (known as cipher suites) it will use to negotiate security settings.
After the setup is finished, the email server verifies its identity to the email client by sending a certificate. This ensures the email client isn’t sending messages to an imposter. Once the email client knows it can trust the server, a key is exchanged between the two, which allows all messages sent and received to be encrypted.

Types of email encryption

There are three standard types of email encryption: SSL (Secure Sockets Layer), TLS (Transport Layer Security) and STARTTLS. These are known as transport layer encryption methods – meaning emails are encrypted when they leave the sender’s email server and decrypted when they hit the receiver’s email server.
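The handshake described above (protocol version, cipher suite, server certificate), applied to a STARTTLS upgrade, as an added example that is not part of the original guide. The function names, the host `mail.example.test` and the use of port 587 are assumptions made for illustration; the sample EHLO replies are constructed.

```python
import smtplib
import ssl


def strict_tls_context() -> ssl.SSLContext:
    """Client-side TLS policy: verify the server certificate, refuse old protocols."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # no SSLv3 / TLS 1.0 / TLS 1.1
    return ctx


def advertises_starttls(ehlo_reply: str) -> bool:
    """True if an EHLO reply (lines such as '250-SIZE 1000') lists STARTTLS."""
    for line in ehlo_reply.splitlines():
        keyword = line[4:].strip().split(" ")[0].upper()
        if line.startswith("250") and keyword == "STARTTLS":
            return True
    return False


def inspect_handshake(host: str, port: int = 587, timeout: float = 10.0) -> dict:
    """Connect, upgrade with STARTTLS, and report what the handshake negotiated.

    Raises instead of falling back to plaintext when STARTTLS is missing or
    the certificate does not validate for `host`.
    """
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            raise RuntimeError(f"{host}:{port} does not offer STARTTLS")
        smtp.starttls(context=strict_tls_context())  # TLS handshake happens here
        smtp.ehlo()                                   # repeat EHLO over the encrypted channel
        tls = smtp.sock
        cert = tls.getpeercert()
        return {
            "protocol": tls.version(),            # negotiated protocol version
            "cipher_suite": tls.cipher()[0],      # negotiated cipher suite name
            "cert_subject": dict(rdn[0] for rdn in cert["subject"]),
            "cert_expires": cert["notAfter"],
        }


# Constructed sample EHLO replies (not captured from a real server).
SAMPLE_WITH_TLS = "250-mail.example.test\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME"
SAMPLE_WITHOUT_TLS = "250-mail.example.test\r\n250-SIZE 35882577\r\n250 8BITMIME"
```

Calling `inspect_handshake()` against your own mail server shows which protocol version and cipher suite it actually negotiates; a server that does not offer STARTTLS raises an error rather than silently sending in the clear.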
For compliance and regulatory purposes, many small and midsize businesses opt to manage encryption through an email gateway. This technology blocks or quarantines emails to prevent spam, malware or phishing attacks from reaching your organisation and employees.
In addition to the three transport layer methods, there’s another form of encryption known as end-to-end. Here, emails are encrypted by the sender’s email client (rather than the server) and only decrypted at the receiver’s email client. This type of encryption is common in web-based email clients like Gmail or Yahoo Mail.

How do I send an encrypted email in Outlook and Gmail?

While there are plenty of email clients available, the two most popular are Outlook and Gmail. And the chances are, you’ll use one of these systems for your business emails.
For Outlook
Outlook is one of the most established, well-known and comprehensive email clients out there. If you have an Office 365 subscription, Outlook will be able to encrypt your emails. To encrypt all outgoing messages, follow these three steps:
  1. Begin by making sure whoever you’re sending encrypted emails to has a Digital ID. Without this, they won’t be able to view your messages. To learn more about obtaining a Digital ID, visit the Microsoft website.
  2. With a Digital ID sorted, you can set up encryption in Outlook. Go to the File tab, and under Options navigate to Trust Centre and Trust Centre Settings.
  3. Under the Email Security tab, you should see Encrypted email. Select the Encrypt contents and attachments for outgoing messages box. If you need to change other settings, such as which security certificate you want to use, click Settings. 
Your outgoing messages will now be sent using a basic level of encryption. For more secure encryption, find out more about BAE Systems’ email encryption solution.

For Gmail
In Google’s Gmail, the approach is slightly different. Google encrypts emails as standard for all messages sent using Gmail – but that’s only for users of official Gmail apps or its Chrome browser. And the recipient also has to be using Google apps and Gmail for the email to remain encrypted. That means encryption isn’t always guaranteed.
Business users of Gmail – who have access to its G Suite for Enterprise platform – are able to add enhanced security via Secure/Multipurpose Internet Mail Extensions (S/MIME). You can read more about how to enable that feature on Google’s website.
Advanced email encryption and security suites are able to solve the shortcomings of both Outlook and Gmail, though. These platforms – like our own – sit between the sending and receiving servers, and run email messages through tools which ensure there are no threats present. Because these solutions work alongside email servers, they can operate in tandem with almost any email client – giving you and your business peace of mind.

How to stop unwanted, spam and junk emails

Spam is irritating and it wastes valuable time. It also represents a potential threat to your business. Nefarious spammers disguise themselves (in phishing attacks) as legitimate or real colleagues, peers and partners – duping your employees into sharing valuable and sensitive data and inadvertently causing a data breach, installing malware and then demanding a ransom payment, and even sending fake invoices to your payments department to try to extort money from the organisation. This can cause your organisation significant reputational and financial damage.

How to prevent email viruses

To protect your business from the raft of new email viruses circulated each day, check that your email security suite features an anti-virus service. By adopting a cloud-based anti-virus and anti-spam protection solution, you can block (and remain protected against) a large proportion of known viruses and unwanted email – up to 100% and 99.9% respectively, with the most comprehensive solutions.

How can BAE Systems help?

Our email security solutions reduce the risk your business faces by blocking malicious software and spam at the gateway. The BAE Systems suite is not only compatible with hosted Exchange and SilverSky Mail – it works seamlessly across any deployment, whether on-premise, hosted, or in the cloud. That means all third-party email providers – including Google and Office 365 – are protected by our real-time, expert security monitoring service.
In addition, our Social Engineering Protection and Targeted Attack Protection products can help reduce the number of phishing, spoofing, or CEO whaling emails your business receives, safeguarding your employees from receiving malicious links or files.
Finally, it’s also important to consider emails leaving your organisation, not only those that you’re receiving. Despite email being the most dominant form of business communication, some organisations lack an end-to-end view of their infrastructure, which means that privileged information can easily and inadvertently be disclosed. A significant amount of data loss comes from insiders; BAE Systems’ Data Loss Prevention solution helps CIOs and IT managers guard against motivated malicious insiders and accidental negligence by employees to greatly reduce security threats.
