(16.09.2022)
Protect email communication better
Would you write and send all your business information and communications on postcards? Probably not. Emails used to be similar to postcards: Anyone who had access to the communication between two mail servers could have simply read or even modified the messages in plain text.
Today, the state of the art is fortunately different: While in transport e-mails are usually encrypted without users needing to know about it or even do anything (TLS transport encryption).
The prerequisite is that the e-mail servers involved are proficient in the newer TLS protocols and are configured so that communication takes place exclusively via the secure protocols. This is also the recommendation of the German Federal Office for Information Security (BSI).
For this reason, after a long transition period, we at fox-on have recently decided to only accept e-mails sent using the latest TLS.
Emails over older, insecure protocols will not arrive (anymore), but instead trigger an error message. So far, this also works pretty well – fortunately with most all our communication partners, there have been no problems.
Perhaps you would like to check with your IT department to see how your e-mail security is configured? Could it maybe also be enforced at all times, as is now the case with fox-on?
This would be a further step toward greater IT security – and thus also toward improving data protection. For the sake of completeness: TLS is basic security and state of the art today for any e-mail communication. For truly confidential content, true end-to-end encryption should nevertheless be chosen (e.g., via PGP or S/MIME).
Summary:
Transport encryption of e-mails (TLS version 1.2 or later) is state-of-the-art and should therefore also be in standard use at your company.