Figuring out how to encrypt email is necessary to make sure your personal information isn't seen or stolen by the wrong people.
Unfortunately, it's easy for hackers and criminals to steal your private information if you don't bother to keep it secure.
Why make it easy?
This article will explain step-by-step how to encrypt email in order to keep your information safe.
I will outline which email encryption methods to use and what you need to do to protect your Internet privacy and online safety via email.
In This Guide
What is Email Encryption?
Email message encryption is the process of turning email content into code to prevent prying third parties from modifying, accessing, and viewing your emails.
Keep in mind, if you're going to encrypt one email, you might as well encrypt them all. If you only encrypt one, it's as if you're highlighting your sensitive information for hackers and criminals. Also, make sure your web-based email client or recipient is working on a secure communication channel. If your web-based email does not support TLS or SSL and PGP or S/MIME encryption security, you may want to switch to an encrypted email service provider or download a security add-on.
What to Encrypt
To make sure your email content is safe, you should first learn how to secure your WiFi and your communication channels. You can secure your communication channels for outgoing and incoming emails and protect them from modification with SSL or TSL security protocols.
Protocols to Secure Your Connection
- SSL: SSL stands for Secure Sockets Layer. It is a standard encryption protocol that encrypts the communication channel between your server and your recipient's server. It can also encrypt communication channels between a server and a web-based email client. If your web-based email service or other email service supports SSL with no S/MIME or PGP protocol, it's as if you are talking openly on a secure line.
- TSL: TSL stands for Transport Layer Security and is simply a more advanced version of SSL. Both SSL and TSL protect your connection and make it so outsiders cannot modify or view content being sent or received.
Protocols to Encrypt and Secure Your Content
You can then encrypt your email content in different ways depending on which secure email server and web browser you have. Ultimately, encrypted email protects your sensitive information like social security numbers, credit card numbers, and other secretive info.
- OpenPGP: PGP is an encryption method that stands for Pretty Good Privacy and is used by various third party email encryption services to encrypt messages within your emails. If you have PGP with no TSL/SSL security, it's as if you're talking on an insecure line using secret messages.
This type of encryption will protect your personal information from prying eyes, but it won't protect you from the big guns like determined hackers and the government. It has a couple different versions including PGP and GNU Privacy Guard (GNUPG). The GNU Privacy Guard is a free easy download for Windows computers. You'll need to install a security certificate and exchange your public-key encryption with your contacts before you can send encrypted messages with a PGP email server.
- S/MIME: S/MIME is another email encryption protocol that stands for Secure/Multipurpose Internet Mail Extensions. It allows for you to digitally sign with your public encryption key for secure email encryption. Your digital signature is the certificate you must also install before you send or receive an encrypted email. Then, you'll need to exchange public key encryption with your contacts if you want your content to be inaccessible to others via S/MIME. S/MIME is used by various email servers including Microsoft Outlook.
The main difference between the S/MIME public-key cryptography and OpenPGP public-key cryptography is that S/MIME uses a centralized trusted certificate authority to create keys and send encrypted email while OpenPGP does not require that. S/MIME is harder to set up but easier to maintain and more secure.
Encrypt Files Stored Emails
Once you've done that, make sure to encrypt files as well as email messages in your cached or archived emails. This process will be different for everyone depending on which encryption methods your specific email provider uses. You may also be able to download a third party software like PowerShell that works with your email server to automate email and file encryption.
Email encryption is just the first step to keeping your personal and private information safe online. To keep your online presence secure while browsing you should consider a VPN service.
Steps to Encrypting Email
There are several steps you can take to activate encrypted email with your specific web-based email or desktop email provider. Here's what to do, in general.
1. Determine whether your email service provider supports TLS/SSL encryption.
Before you use an email encryption service, you should determine whether your connection and your recipient's server or web-based client's connection is secure with SSL or TSL. You'll need to look up your specific email service to make this determination.
2. Determine whether your email service provider uses either S/MIME or PGP encryption standard.
This will help you decide your next step. Should you use either a desktop based email, download a simple add-on, or download an end-to-end encryption software?
3. Create a certificate.
Before you can send encrypted email, you'll need to create a certificate with a public and private key. You can use Comodo, a free, easy software for encryption certificates. Just go to the site and click on download free certificate. Then you should receive an email with your keys to your inbox.
4. Exchange public keys with your email recipient or web-based client.
You'll need to exchange public-key encryption with your recipient before you'll be able to send and receive encrypted messages. Your private key belongs to you and only you will be able to use it. Your public key is available for anyone to see and use. If another person wants to send you an email message with private information, they can use your public key to encrypt. If you want to read the encrypted message, you'll need to use your private key.
5. Download email encryption service with S/MIME or PGP protocol for added security.
If your web-based email server doesn't work with S/MIME or PGP message encryption protocols, you should either use a third party end-to-end encryption software, download an add-on, or switch to a new encrypted email service.
Encrypted email protects your sensitive information like social security numbers, credit card numbers, and other secretive info.
How To Encrypt Email With Microsoft Outlook
Microsoft Outlook works with S/MIME to secure your incoming and outgoing emails to and from your email address. You can also download an Outlook add-in like Entrust for extra security. If you have a Microsoft Outlook email address, here's how to create encrypted emails for all outgoing messages. First, you need to create a digital certificate.
1. Sign into your account and click on File > Options > Trust Center > Trust Center Settings.
2. Then click on Email Security > Get Digital ID.
3. Choose an authority to receive a digital ID from (like Comodo).
4. Your digital ID will then be sent to your inbox.
Once you have your digital ID, you can start encryption.
1. Click on Tools > Options > Security tab.
2. Type any name into your Security Settings Name section.
3. Select S/MIME on the Secure Message Format box.
4. Check the Default Security Setting.
5. Look under the Certificates and Algorithms section, then to the Signing Certificate section and click Choose.
6. In the Select Certificate box, select a Secure Email Certificate if it's not already selected.
7. Check the box "Send these Certificates with Signed Messages."
8. Click OK to save.
9. You will now be able to send and receive messages using your public key encryption.
Microsoft Exchange Server
If you have a Microsoft Exchange Server, you should opt for server-based encryption. The Exchange Server can encrypt SMTP email messages and files between mail servers and other web-based email services. The Exchange server will make sure all sent messages are secure when sent to their designated inbox, according to ITPro.
How To Encrypt Email With iOS
S/MIME support is built into the iOS email server on your Apple smart device email app and the OSX server on your Mac's email server app. Here's how to activate email encryption on both.
iOS Laptop Email Encryption
1. Before you can send an encrypted message, you need to send the recipient a digitally signed message with your public key and they must do the same. You can get a certificate (or digital signature) from a site like Comodo.
2. Once you have received an email with your certificate and downloaded it, you need to import it into your Mac's keychain. You can do this by simply opening it and clicking Add. Then you'll just need to authenticate your action by typing in your Apple ID and password.
3. The next step is to exchange certificates with whoever you're conversing with. Now that you've imported your certificate, every email will automatically be signed with your public key. This way, all you have to do is send the person a message to share your key. This is indicated by a check mark on your subject line. Once you have exchanged, the subject line will also show a blue padlock.
iOS Smart Device Email Encryption
1. Go to your device's Settings.
2. Go into Mail.
3. Tap Accounts.
4. Select the account you wish to encrypt.
5. Tap your email address at the top.
6. Select advanced at the bottom of your screen.
7. Switch on the S/MIME button on the bottom of your screen.
Before you can send encrypted messages, you need to install the digital signature of whoever you're conversing with and vice versa. If you see a red padlock icon, you either have not installed each other's encryption keys or you are not in the same exchange environment.
How To Encrypt Email with Android
You can send and receive encrypted email messages via S/MIME on the CipherMail app for Android. You'll be able to use it with your Gmail account and third party apps including K-9 mail if you have it. This is just one option. The second option is to use a PGP protocol with an email app and a keychain app to store your keys and keep your emails secure.
Email Encryption With Gmail
If you have a Gmail account, it supports TLS encryption and encrypts your emails whenever possible, whether they're being sent, received, or stored. You can also activate two-step verification upon sign-in for extra security.
Two-step verification will make sure you are the one accessing your account by sending you a code to verify your identity when you sign in. It's important to remember, though, that encrypted emails are a two-way street. If the email receiver or sender you're conversing with does not have security in place, your information may not be safe.
In relation, Gmail does not support S/MIME or PGP encryption protocols, so you may need an email encryption solution like the Ciphermail app for better email security. If you're worried about unencrypted messages on your Gmail account, you can also switch your email service provider to an email encryption service.
G Suite Email Encryption For G-Suite Customers
G Suite is the group of Google apps that businesses can create an account with and use to create spreadsheets, articles, and ideas to share with other employees and clients easily. G Suite Message Encryption (GAME) is an encryption service created by Zixcorp for Google for those with a G-Suite account looking to make unencrypted emails and files private. You can purchase GAME via a Google representative here.
Once you've purchased GAME, Zixcorp will set up your self-service portal account information. The GAME self-service portal will then send you a welcome letter with directions on configuration and what to do next. Check the Google support page for more information.
The Best Email Encryption Services
Email encryption solutions encrypt messages from and to whoever you are messaging for ultimate security. They are an easy way to make sure your messages cannot be seen by outside parties. Here are some of the best email encryption services we recommend.
Virtu is an email encryption solution that provides military grade protection for your sensitive email content and connection. With Virtu, you can either encrypt files and emails on the client to protect your data before it leaves your device or use Virtu Network Data Protection solutions for outbound email encryption and inbound email encryption," according to the Virtu website.
Encrypt your unencrypted emails using Entrust email encryption Microsoft Outlook add-in. It works with multiple different email servers and has government strength security. It uses S/MIME, PGP, and Entrust encryption formats to keep your information as secure as possible.
Symantec is an email encryption solution providing desktop end-to-end email encryption without having to log into another website. It will protect your emails from outsiders whether they're being stored or in transit. There's a free trial on their site.
Automate Your Email Encryption
If you need email encryption for many or all of your emails, there are ways to automate the process so you don't have to manually encrypt every email.
With the PowerShell command, you can actually build a code that will let you filter files and folders through it. In the process, the PowerShell command encrypts every inbound and outbound email and file being stored or in transit.
PowerShell is definitely not for the average computer user. For those who aren't well-versed in coding languages, it's best to leave it be. If you want to learn more on how to use PowerShell, InfoWorld has a great guide you should check out.
If this article has helped you figure out how to encrypt email, I'm glad! Please share it with your friends and family who may need help keeping up good privacy online.