1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Encrypted Email

Discussion in 'Software' started by UCHEEKYMONKEY, Mar 3, 2008.

  1. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    I have been asked at work to encrypt an email for a user, the software is MS outlook 2003 on windows XP.
    The only problem is how do I encrypt an email?:blink

    Q) can anyone suiggest how to encrypt an email or even suggest what type of encrypting software can be used!
     
    Certifications: Comptia A+
    WIP: Comptia N+
  2. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Off the top of my head - "Pretty Good Privacy" should be able to do this.

    You face the problem of what *sort* of encryption you need, and how the keys should be shared.

    It can be a complicated subject.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  3. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,283
    254
    329
    Not sure on software, but is it not possible to create the email say in word put it in a folder encrypt the folder and send it as an attachment? seems complicated though,
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  4. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    As usual, Harry talks sense - use PGP. Its free and does exactly what you want it to do. Check out this helpful guide to show you how to set up and use it with no frills and so that its easy to understand for non-techies.
     
    Certifications: A few
    WIP: None - f*** 'em
  5. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Another way of doing this is to use PKZip and use the encryption included. Then attach the result to an ordinary email.

    When dealing with encryption there are number of things to consider:

    1) How tough to you want it to be? There is no such thing as 'perfectly unbreakable', and the less tough you want it the easier, usualy, it is to handle. By tough I mean - how long before whether it is encryped or not doesn't matter? A few days? A year?

    2) What decryption facilities exist at the far end?

    3) How will you get the key info to the other end? If you use symetric cyphers then you have to get the key there by some other means. If you use PKI things get complicated, and it more becomes a question of trust.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  6. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    <Cough> I should have checked first - but on my copy of OL 2003 Tools->Options->Security looks fairly promising!

    You will need to get a certificate if you don't already have one.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  7. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Thanks Harry , it's gone mad here at the NHS, ever since they reported on the news about government/personal information about people going missing!:dry Everyone has gone paranoid.

    I even had one user who wanted a private folder on the network shared drive that only they could access.
    Which I manage to setup for them. But then they wanted me to sort out their files and move to this secure location. Why? because they said they didn't have the time to move the files from their local drive to the network drive:rolleyes:

    Anyway, the user is forever forgetting her user AD password account:rolleyes: So I guess she needs something simple but effective.:biggrin
     
    Certifications: Comptia A+
    WIP: Comptia N+
  8. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Well you would of thought so, I suggested winzip but that's too complicated for them. So it has to be something in email , maybe a plugin or something. :hhhmmm
     
    Certifications: Comptia A+
    WIP: Comptia N+
  9. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Cheers Zeb:thumbleft

    I am just checking out that link now:biggrin
     
    Certifications: Comptia A+
    WIP: Comptia N+
  10. Wassup

    Wassup Byte Poster

    244
    4
    10
    hiya UCM - tell the user and recipient to sign up and use nhs.net for encrypted traffic, as this is the recommended means for secure email within the PCT I work for.

    I work for the NHS as well and the reason they have to use encrypted email is for patient data transfer. If I were you I would try and find out why she needs encryption on her email, or is it just something she has heard about and wants in on the act.
    You should get more information, or at least policy guidance from your IT department heads.

    If she keeps forgetting her AD password, there's not much chance of her getting the whole encryption thing down pat, as the receivers would also need to be up to speed on the process too.

    Get in touch and maybe we can compare tcp/ip layer 8 problems for users on N3 connections ;)
     
  11. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Thanks Mate:thumbleft

    I heard one of the network boys talking about nhs.net today but they said I had to google it if I wanted to find out how it worked because they don't have the time to explain it to me:(
     
    Certifications: Comptia A+
    WIP: Comptia N+
  12. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,191
    297
    319
    As already said you might want to find out what the IT policy is in regard to this. It’s great that users want to secure their data but if there is a technical issue or the user leaves then you may need to access the data.

    If it’s locked down then there may be no way to open the emails. :blink
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  13. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Thanks Sparky:thumbleft I am just going over to the User's office now to find out if the receipted works on NHS as well. From my understanding and what wassup said if both the sender and receipted work in the NHS they can sign up to NHS.net and send secure emails but if one of them isn't NHS then we have to use a software to encrypt.

    I have just got off the phone to another user who is in that boat and says the firewall is blocking the encrypted email. See screenshot:-
     
    Certifications: Comptia A+
    WIP: Comptia N+
  14. hippy

    hippy Kilobyte Poster

    307
    5
    40
    If i was you i would white out the email subjects, full name and the mailbox name (hint) and also the imap stuff.
     
  15. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    True, just got an email from one of the guys in networks who said:-

    The error occurs because our SMTP gateway is unable to scan the attachments so it generates an error. We are looking to get this resolved as soon as possible.

    From what i have read on the web i believe the problem exist if your running Symantec AV version 10, but the problem has been fixed in version 11. However the Dept is still on version 10:rolleyes:
     
    Certifications: Comptia A+
    WIP: Comptia N+
  16. wizard

    wizard Petabyte Poster

    5,763
    35
    174
    No surprise there then :D
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  17. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    LOL - Symantec sucks. I don't blame the admins for not upgrading to version 11. Their AV blows anyway I remember trying to get Backup Exec working properly, finally sorting out then 'upgrading' to 11d - only to find out that I can't cancel a backup job once its running without stopping all the Backup Exec services. never had a single issue with BE before they took Veritas over - not one. I used it everywhere instead of ArseServe because CA products are so shite in general - ever since Slimeantec bought them out the product has got increasingly unreliable. Just put a new tape library in and am debating whether or not to put BE 12 on - but will probably end up going back to v10 just because it does what i want it to do without ****ing up.

    I HATE Symantec - and their AV is the worst product they do, so Christ alone knows why an NHS trust would run using it.
     
    Certifications: A few
    WIP: None - f*** 'em
  18. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214

    Probably because it's cheap! That's usually how it works round here. :rolleyes: Let's face it if you had to work in an IT Dept, whereby the user (who don't really know what they want in the first place!) decides what software they are going to buy and use in their Dept without informing the IT Dept.

    Then when it goes wrong or they can't install it themselves they expect the IT Dept to rescue them.:rolleyes:

    I wouldn't mind if they bothered to investigate the software for compartibility issues and for technical support help. Most of the users expect the IT Dept to fix the error messages/debug erros shown in the software rather than phone the software house. Then get annoyed at us when we say we don't know anything about the software or we don't have administrator account to test the software.:(

    Well you can imagine all sorts of problems....This is what we are faced with everyday!:x

    Again it comes down to money..after all which is going to be cheaper a call out from a software house or a call out from the IT Dept.:dry
     
    Certifications: Comptia A+
    WIP: Comptia N+
  19. Wassup

    Wassup Byte Poster

    244
    4
    10
    Symantec --- blaargh! good luck with that :twisted:

    UCM - we have just been told about this;

    SecureSend provides a facility to securely send data that is encrypted to nationally approved NHS security standards (using 256 bit AES encryption).

    It has been developed by Somerset Primary Care Trust and offered free of charge to other NHS and partner organisations.

    Could well provide a solution that you are looking for.
     
  20. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    While I know nothing about SecureSend I get the feeling that a lot of time, effort and money has been spent on re-inventing the wheel. On the taxpayer's wallet. Please prove me wrong! :biggrin

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+

Share This Page

Loading...