menu

How To Encrypt An Email

written by

Jack Foster

last updated

June 16, 2021

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on email

There are many steps you can take to ensure that your online activity is secured. As I always say, security is not a one-time thing, nor a one-solution approach. It’s all about layers of protection. One imperative step is email encryption. Below, I reveal why this is important, as well as how to encrypt an email when using one of the popular messaging platforms. 

What is Email Encryption?

Email encryption is a process that will disguise all of the content within the email messages you send to another person. It essentially turns your message into an unreadable code. If someone was to hack into your email, they would not be able to decipher the message. This is imperative when it comes to ensuring that your messages are only read by the intended recipient and no one else! Authentication is commonly a part of email encryption. 

Email encryption is not only important for emails that contain sensitive details, such as log-in credentials and financial data. It is also imperative in terms of disguising attachments and making sure that a hacker cannot completely hijack your entire email account.

A lot of people do not realise that email is a vulnerable medium. This is especially the case if you send an email over Wi-Fi, public, or unsecured networks. This is why it is always advisable to use a VPN so you can hide your IP address at all times. I recommend NordVPN as a great all-rounder. Even if you’re at work and you have a secure business network, other users can intercept this, which is why caution is always needed.

With encryption, all of the content of your email will be unreadable while it travels from the origin to the destination. So, even if someone manages to intercept your mail, they won’t be able to determine what the content says!

What Are the Benefits of Email Encryption?

There are a number of key reasons why you should encrypt your email, so I’ll summarise them for you below:

  • Protect confidential data – From your banking information to your credit card number, encryption will ensure your private data remains private.
  • Protect yourself from identity theft 
  • Encryption helps people to identify authentic senders – A pivotal step in ensuring you don’t fall victim to spam!
  • Nullify message replay possibilities
  • Avoid business risks – The last thing any business wants is for their confidential data to fall into the wrong hands.

The Two Main Types of Email Encryption

There are two key email encryption methods that you should know about:

  1. S/MIME
  2. PGP/MIME

You and the recipient need to use the same method of encryption to ensure that the recipient is able to decrypt the email you send.

So, I’ll talk you through both of these options in more detail…

S/MIME

This email encryption method is in-built in the majority of iOS and OSX devices. If you receive an email that has been sent via an iPhone or MacBook, you may see an attachment with the name “smime.p7s”. This 5-kilobyte attachment is used to verify the recipient of the email, ensuring only the intended person can read the content.

For a recipient to read the email, they must either have received at least one signed email from the sender in the past or be in the sender’s organisation. 

So, what are some of the main features of this option?

  • It is widely distributed thanks to being part of Outlook and Apple 
  • It can be difficult to set-up in Gmail and other email clients that are web-based
  • Maintenance is simple 
  • A centralised authority is used to select the encryption algorithm and key size

PGP/MIME

The other main form of email encryption is PGP/MIME. This differs from the former because it is dependent on a decentralised and distributed trust model. It is a more flexible and low-cost solution, however, it demands third-party tools because it is not widely supported by email clients. 

Here are some of the key features of PGP/MIME:

  • You can determine how you encrypt your emails and also how well-encrypted the email messages you receive must be
  • It doesn’t cost anything to get a certification, whereas you have to buy S/MIME (this will be included in the cost of your Macbook or iPhone)
  • It is pretty easy to use with Gmail and other email clients that are web-based
  • The recipient needs to have both private and public encryption keys, with the latter being available to the sender

How Do You Encrypt Email Messages in iOS?

The process is really easy with iOS devices, as S/MIME support is in-built as a default setting. So, what steps do you need to follow?

  1. Head to advanced settings.
  2. Turn on S/MIME.
  3. Change “Encrypt by Default” to yes.
  4. When typing a message, there will be a lock icon next to the recipient. Make sure the lock icon is closed so that the email is encrypted. If the lock is open, simply click on it to close it.

There are two colour codes you need to be aware of with regards to encryption on iOS:

  • Red – This means the recipient must turn on their S/MIME setting.
  • Blue – The email can be encrypted if the lock is blue.

How Do You Encrypt Emails in Outlook?

As mentioned, Outlook is compatible with the S/MIME protocol. However, some added set-up is needed, which I will talk you through.

  1. The first thing you will need to do is enable S/MIME encryption. To do this, you are going to need to get a digital ID or certificate from the administrator at your organisation, and then you will need to install S/MIME. 
  2. Once S/MIME has been set-up, you can either sign all messages digitally or encrypt all messages by heading to the gear menu.
  3. From here, click S/MIME settings.
  4. Select to add a digital signature to all the messages you send or to encrypt the attachments and contents of all messages. 
  5. If you want to remove or encrypt individual messages, you can choose this by hitting “…” at the top of the message. Select message options. After this, either deselect or select “Encrypt this message (S/MIME).” You will want to deselect the box if the person you are messaging has not enabled S/MIME, otherwise, he or she will not be able to read your message.

How Can You Encrypt Emails in Gmail?

The Gmail app already has S/MIME built into it. However, it will only work if both you and the recipient have it enabled. To enable hosted S/MIME, you need to follow these steps:

  1. Sign into your Google Admin console
  2. Click on Apps
  3. Click on Google Workspace
  4. Select Gmail
  5. Choose User Settings
  6. Navigate to Organizations and choose the organization or domain you want to configure
  7. Scroll to the S/MIME setting, and check the box that says “Enable S/MIME encryption for sending and receiving emails”
  8. Choose Save 

To use this form of encryption, you simply type your message as you typically would and then select the lock icon, which is located to the right of the recipient. From here, choose ‘view details’ and then you can alter the level of encryption or the S/MIME settings. 

There are three colour codes you need to be aware of with regards to encryption on Gmail:

  • Red – This email does not have any form of encryption security.
  • Grey – This email is protected with Transport Layer Security (TSL). This will only be effective if you and the receiver have TLS capabilities.
  • Green – S/MIME encryption protects the information, and a private key is needed for the decryption. 

How Do You Encrypt an Email on Your Android Device?

You have a number of options available to you when encrypting an email on Android. These are as follows:

PGP/MIME

For PGP/MIME, both a keychain and email app are required. This approach demands a bit more of your attention during set-up, yet you don’t need to get a digital signature from someone in advance to send them encrypted messages.

I recommend using OpenKeychain for this. It is a free and straightforward keychain tool, which can be used to store other people’s PGP public keys and certifications. 

Using OpenKeychain, you can create your own private and public keys. Simply enter your name, email address, and passwords, and these keys will be generated for you. You can also import an existing key if you have one. 

You can also use the app to search for other people’s public keys online so that you can send an encrypted messaged to them. Once you have added a public key to your keychain, you can save it so it can be used more conveniently later.

Using OpenKeychain in an email app is easy. Simply go to the settings on the app, and choose OpenKeychain as your default provider for OpenPGP. The process will differ based on the app you’re using, but it should not be too difficult!

The CipherMail App

Another option is to use the CipherMail app. With this app, you can receive and send S/MIME encrypted mail using the default Gmail application, as well as K-9 and a few other third-party apps. 

How to Choose an Email Encryption Tool

A final option is to use an email encryption application. With so many options and complicated technology to contend with, navigation through the encryption tools available today can feel overwhelming. Legacy approaches for encryption are complex, making it difficult to securely manage, update, and use keys. Modern tools, on the other hand, simplify encryption demands.

The key to locating the right encryption tool for you is to search for software that will protect your email messages and any attachments while also offering other features designed to help you reach your security goals, including granular audit and access control.

The best email encryption applications

There are plenty of options available on the market, and some of my favourites are as follows:

Proofpoint Email Encryption

The first email encryption tool that I recommend is Proofpoint Email Encryption. This is a great option if you’re looking for something that is easy and convenient. All messages and attachments will be encrypted automatically. This means you do not need to manually encrypt your messages.

proofpoint

You can expect encryption features that are powerful and policy-driven. I personally think this is a great tool for reducing risks relating to corporate policy violations, data loss, and regulatory violations. 

If you require sensitive data security to be protected yet accessible to the appropriate end-users, business partners, and affiliates, I would recommend Proofpoint Email Encryption. It is available on mobile and desktop devices, and it comes with some great added extras, including granular control and streamlined storage. 

Tutanota

Tutanota is another tool that is worth considering. This is an email encryption service that has both a paid and a free version available. The free tool is good for personal use. However, if you’re looking for encryption software for business use, you will definitely need the fully-featured, paid option.

Tutanota

With the basic account, you will get one secure email account. You won’t need any personal data to access the anonymous email account. IP addresses are not logged. They are removed from every email communication. All of the content, attachments, and the subject are encrypted. The user is the only person who can decrypt the data and access it.

Another feature of Tutanota is the address book, where all of your contacts can be imported with security and confidentiality. 

Micro Focus SecureMail On-Premises

Another encryption tool I rate highly is Micro Focus SecureMail On-Premises. This is an end-to-end email encryption tool that is widely used in maintaining Personal Health Information (PHI) and Personally Identifiable Information (PII) in a private and secure manner.

Micro Focus SecureMail On-Premises

Identity-based encryption is one of the main features of this tool. This allows organisations to make the most of secure communications without any software needing to be downloaded. You can send information through the use of unique private keys even if the receiver is offline.

Symantec Gateway Email Encryption 

My final recommendation is Symantec Gateway Email Encryption. This solution secures all email communications. It acts as a firewall from unauthorised access over the public Internet, irrespective of whether or not the recipient is using any sort of encryption tool. This means that individuals and businesses can lower the chance of a data breach. 

Symantec Gateway Email Encryption

If the recipient does not own any encryption software, web email encryption will be used. To ensure secure communication between the recipient and the sender, the receiver will get an email that contains a link to a web portal. The individual needs to log into the portal to access the email, ensuring ultimate security, as communications are occurring within an environment that is encrypted. 

One of my favourite elements of Symantec Gateway Email Encryption is the PDF email protection. All PDF attachments are encrypted. The recipient can only access the information with a user-defined password. This is perfect if you are sending a secure email and you do not require a response.

Final words

So there you have it: some of the different approaches you can use to encrypt your email messages. I really cannot stress enough just how important this is! Emails are not as secure as people like to think. They’re regularly intercepted when people do not use secure protection methods, such as encryption and VPNs. This is why you need to make a dedicated effort to ensure all of your communication is secure.

you may also like...

ibVPN Review

Based in Hong Kong, PureVPN has been running for over 13 years now and has…
Read more

PureVPN Review

Based in Hong Kong, PureVPN has been running for over 13 years now and has…
Read more

VPN.ac Review

One name that is usually overlooked is VPN.ac. Should you be paying attention to this…
Read more

VPNArea Review

Is VPNArea a good choice? Discover more about this vPN provider, which is based in…
Read more

Secure VPN Review

SecureVPN boasts a kill switch and supports torrenting. Discover more about this VPN solution.
Read more

Hide My IP Review

Hide My IP has servers in 123 different countries around the world. Discover whether this…
Read more

FrootVPN Review

If you are looking for a low-cost, basic VPN, FrootVPN is certainly worth considering. Find…
Read more

BTGuard Review

Boasting high levels of security, BTGuard is a VPN well worth considering, but is it…
Read more

Browsec Review

From security to speed; discover everything you need to know about Browsec VPN.
Read more

Avira Review

Known for their antivirus product, Avira brought a VPN out in 2016. Read my full…
Read more

vpn.ht Review

Vpn.ht was created back in 2014 by the company known as Wicked Technology. is it…
Read more

VPN.S Review

VPN.S, also known as VPNSecure, is a solution worth considering if you are looking for…
Read more

SaferVPN Review

SaferVPN describes itself as the fastest and simplest VPN on the market. Bold claims! Does…
Read more

IVPN Review

Incorporated in Gibraltar, IVPN has a small server network. However, it comes with some great…
Read more

Proton VPN Review

ProtonVPN is based in the friendly jurisdiction of Switzerland. A great start, but does the…
Read more

PrivateVPN Review

PrivateVPN is a user-friendly VPN that is good for streaming purposes and combines effective encryption…
Read more

Tiger VPN Review

Based in Slovakia, TigerVPN has more than 300 servers across 42 countries. Is it right…
Read more

Ivacy Review

Ivacy has been around for quite some time now, and it certainly offers some great…
Read more

OpenVPN Review

OpenVPN is an open-source software application that many VPN providers use today. Discover more.
Read more

TorGuard Review

TorGuard is based in the United States, but can we get passed this poor jurisdiction?…
Read more

Buffered Review

Buffered VPN was recently absorbed into encrypt.me. From speeds to security, I assess this VPN…
Read more

HIDE me Review

Hide.me is a VPN that ticks a lot of boxes, especially in terms of streaming.…
Read more

AVG Review

AVG is a brand that is known around the world for its antivirus product, and…
Read more

AirVPN Review

KeepSolid offers robust VPN services for both the business and also the individual user. Delivering…
Read more

AceVPN Review

Acevpn has servers across more than 50 locations worldwide, but is it worth downloading?
Read more

ZenMate Review

ZenMate is a German VPN provider that will allow you to safely browse the internet…
Read more

IPVanish Review

IPVanish boasts an impressive line up of over 1000 servers across 60 countries. They’re by…
Read more

VyprVPN Review

A solid VPN that offers insanely good security and anonymity. From only £3.63 per month,…
Read more

NordVPN Review

NordVPN is a Panama-based VPN allowing you to connect to 4,952 servers worldwide. It’s well…
Read more