I need a list of legitimate companies that offer encrypted email.?

My boss has asked me to research encrypted email. If someone with experience in setting this up for their company or someone that knows quite a bit on the subject please advise me of the steps I need to take in order to accomplish this.

Update:

We're talking about the security of thousands of people here, so please don't just give me a link. I'm concerned about the legitimacy of any company that I just google...can someone with experience with setting this up for their company please send me in the right direction?

5 Answers

Relevance
  • 5 years ago
    Best answer

    S/MIME mail is built into Thunderbird, and probably Outlook.

    PGP is available with add-ons, or in other mail tools, and has more history.

    You can create sef-signed certificates quite easily and send S/MIME signed mail, then the recipient can send you back encrypted mail. That's quite secure, as long as you trust the recipient (you phoned them, you know them personally, you checked the certificate signature if paranoid - what are the chances of an imposter if you call and ask if they just got your email you sent 10 minutes ago?)

    If you want hierarchical trust, you need a certificate authority to issue certificates to people - like a company HR department that has enough personal info to verify a person and issue an employee ID. Which the company can do itself, or buy a chaining SSL certificate from a regular authority like Thawte. But those won't issue certificates to individuals (at least, I don't think so) - you'd still need to trust the intermediate authority.

    This is partly why you don't see encrypted email used so much - it's not hard, but no-one will step up and certify identities, unless some government agency does it and that's only for one country or state.

    Computer people for years have used PGP with a crowd-sourced trust model, that's still used to sign security advisories etc. Technically you have to go meet people who are already in the trust pool and exchange enough government ID to get your PGP key signed.

    • Invisible5 years agoReport

      Thank you for your detailed response! I'm going to look into this. You've given me somewhere to start. Thanks!

  • 5 years ago
    • Invisible5 years agoReport

      I already did that myself, smarty! I'm concerned with the legitimacy of these companies...I'd rather speak to someone that has had experience with one of these companies or know of a good company to use. Thanks for your help, though.

  • Pierre
    Lv 5
    5 years ago

    So, let me get this straight, you're wanting to set-up secure e-mail to protect thousands of people and you're going to get your answer here from Yahoo Answers ?!? Like seriously ?!? Normal companies of institutes hire a 3rd party consultancy company to set something up that makes sense... The feedback provided by Adavil is technically correct from a 'available techniques' but that's not solving your open issue... Normally you provide a consultancy company a 'scope' and they'll provide you an offer for a working implementation of what you want. This costs money you know...

    • Invisible5 years agoReport

      I understand, Pierre. I am not a nitwit when it comes to researching things, but I do value other peoples' opinions/experience. Just wanted to see what others had to say on the matter. People come to yahoo answers for way worse situations. I don't see how my inquiry would be harmful.

  • Anonymous
    5 years ago

    If you encrypt all your emails, how are recipients going to read them? Unless you send them all the decryption keys.

  • What do you think of the answers? You can sign in to give your opinion on the answer.
  • 5 years ago

    Use md4 hashing safe as anything

Still have questions? Get answers by asking now.