Back in the heady days when computers were just making an appearance at the workplace, there was a feeling these new devices would soon usher in that rather utopian concept of a paperless office. However, those initial dreams seem to have foundered over the years despite initial signs the paperless office could come true. Strangely, though, it’s one of the main drivers of office automation – Email – that’s been the cause for this delay.
Email remains vulnerable to attacks
Email’s often regarded as the first ‘killer app’ for computers. The ability to communicate – which is the biggest draw of personal computing – was what Email promised us. And it delivered – to an extent. Sadly, one of the reasons the paperless office is still a pipe dream is because the very E-mail that provided impetus to the adoption of IT remains vulnerable to security flaws. One of the main concerns over the use of E-mail for critical business or government work is E-mail spoofing. In this kind of attack, the sender’s details are forged in the mail header to make it seem like the message comes from someone else.
Make your Email secure with Digital Signatures
In an attempt to ensure the integrity of their Email, businesses have turned to solutions such as encryption and digital signatures. In a nutshell, the process of securing your mail with a digital signature works like this:
- Apply for a certificate from a provider such as Thawte. Keep in mind that Thawte will issue the certificate to your E-mail ID. To obtain a certificate in your name, you’ll have to be vouched for by an existing ‘trusted’ member of their ‘Web of Trust’. Other Certificate Authorities that hand out certificates are VeriSign and InstantSSL. It’s also possible for you to make your own certificates, but that defeats the purpose as these will not be recognized as being secure by others.
- Once you’ve got your digital certificate, you need to set this up in your software. This certificate can also be used to encrypt your mail. Interestingly, MS Office can also use your signature to digitally sign any documents you create.
- Choose your signature/encryption technique: Pretty Good Privacy (PGP) or Secure/Multipurpose Internet Mail Extensions (S/MIME) are the ones most widely used. There are certain key differences between these: S/MIME might not work with most webmail clients; it also uses an attachment for the signature – this might not be compatible with certain E-mail gateways.
Setting up your Email client for Digital Signatures
Outlook: Once you’ve installed the certificate in Outlook, you can sign individual messages by selecting this option from Options->Digitally Sign Message. If you’d like to sign all messages, select Tools->Trust Center->E-mail Security->Encrypted E-Mail->Add digital signature to outgoing messages.
Thunderbird: Mozilla Thunderbird offers in-built support for digital signatures. The process includes:
- Installing a signature/encryption add-on like GnuPG or EnigMail
- To send digitally-signed E-mail in Thunderbird, compose a message as usual and then select your add-on from the toolbar and check the options for signing and/or encrypting your message
Google Apps: While Gmail’s web interface does not yet offer the possibility of digitally signing your mail (you can, of course, sign your Gmail messages on an email client like Thunderbird or Outlook), users on a custom domain in Google Apps can opt to get their mail signed using DomainKeys Identified Mail (DKIM). DKIM, which administrators can enable, verifies the domain name used to send the message and should help if you find your messages getting flagged as spam.
Gmail: Gmail does not support digital signatures on its web interface. You’ll have to use a mail client to add your signature.
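To see what these mechanisms look like on the receiving side, here is an added example (not from the original article) that inspects a raw message and reports whether it carries an S/MIME or PGP signature part and whether any DKIM signing domain matches the domain shown in From. It checks structure only and verifies no cryptography; the function name, the simplified alignment rule and both sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# multipart/signed "protocol" values and the scheme each one indicates
PROTOCOLS = {"application/pkcs7-signature": "S/MIME",
             "application/x-pkcs7-signature": "S/MIME",
             "application/pgp-signature": "PGP/MIME"}

def signing_summary(raw):
    """Structural triage only: reports what is present, verifies no cryptography."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    out = {"from_domain": from_domain, "body_signature": None,
           "signature_part": False, "dkim_domains": [], "dkim_aligned": False}
    if msg.get_content_type() == "multipart/signed":
        proto = (msg.get_param("protocol") or "").lower()
        out["body_signature"] = PROTOCOLS.get(proto, "unknown")
        # The detached signature travels as its own MIME part (the "attachment").
        out["signature_part"] = any(p.get_content_type() == proto for p in msg.walk())
    for header in msg.get_all("DKIM-Signature", []):
        tags = {k.strip(): "".join(v.split())   # "name=value; name=value" tag list
                for k, _, v in (t.partition("=") for t in header.split(";"))}
        domain = tags.get("d", "").lower()      # d= is the signing domain
        if domain:
            out["dkim_domains"].append(domain)
            # Simplified alignment: From domain equals d= or is a subdomain of it.
            out["dkim_aligned"] |= from_domain == domain or from_domain.endswith("." + domain)
    return out

# Constructed samples (not real mail): S/MIME-signed, then a DKIM/From mismatch.
SMIME_SAMPLE = """\
From: Alice <alice@example.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b1"

--b1
Content-Type: text/plain

Figures attached.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"

(constructed placeholder, not a real signature)
--b1--
"""
MISMATCH_SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=bulk-sender.example; s=sel1; bh=placeholder; b=placeholder
From: "Alice" <alice@example.com>

Please review the invoice.
"""
```

A message that reports a signature part or an aligned DKIM domain still has to pass actual signature verification in the mail client or gateway before the sender can be trusted.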
Digitally signed email can be a vital part of business communication. Apart from ensuring the security of your messages, you also reduce the chances of your domains getting flagged for spam.