Freely subscribe to our NEWSLETTER

Ensuring only intended recipients are able to access information contained within emails has, up until now, required complicated and expensive technology, rarely used by large organisations and well beyond the means of small and medium sized businesses. However, email security is fast becoming a priority for managers across the board. Industry regulations requiring organisations to secure company confidential information are applicable throughout the supply chain. Small and mid-sized companies supplying goods and services to large organisations are obliged to actively participate in ensuring the security of all shared data.

To be acceptable for small or midsized companies, secure email transmission technology needs to be easy to install, administer and, to maximise simplicity, easy to combine with other security components. Its use by individual employees must be enforceable in order to allow company-wide security policy to be implemented but the securing mechanisms should be transparent in use to avoid the need for costly training and to maintain employee productivity. Finally, the solution must be affordable for smaller businesses.

A variety of solutions for secure email transmission are available. The classic approach for securing email infrastructure is to provide each user with software, such as S/MIME or OpenPGP, on their desktop. Users are supplied with internal and external PKI (Public Key Infrastructure) keys, which they administer on their own PCs. These solutions offer sufficient functionality and are cheap to implement, but have high administrative costs and are only suitable for users who possess advanced knowledge of encryption and signature methods, not something many small companies have in abundance.

To overcome some of these challenges, stand-alone centralised solutions, which shift the encryption functionalities from the individual desktop to a dedicated email gateway, are available. Administrators of stand-alone centralised solutions are required to integrate the technology into the existing IT infrastructure and link it in with other security components such as virus scanners and firewalls. These solutions are generally powerful and offer many features and configuration possibilities. However, they are highly complex and expensive so are used only by large companies with the corresponding know-how.

The solution for small and midsized businesses is to integrate centralised email encryption within a Unified Thread Management (UTM) appliance. A UTM appliance offers a suite of security solutions that provide comprehensive protection from Internet threats in a central gateway. Because secure email technology is seamlessly integrated with the UTM’s other security functions, there is no need for complicated implementation and encrypted e-mails are checked for damaging content by a centralised virus and content scanner. The administrative interface is also greatly simplified, which reduces the long-term cost of using secure email technologies whilst still offering strong encryption, decryption, and signature verification in accordance with the common S/MIME and OpenPGP standards.

At its simplest, to utilise a UTM’s email-security capabilities, businesses need only plug the appliance into their network between the Internet connection and the server, accept the factory presets and import their employees email addresses. Encrypted emails will then be sent between staff, who will probably not even be aware of the change. Every time an external email presenting an industry standard security certificate, is received, the sender’s address is added to the list that will be sent encrypted content.

Solutions that require software on each workstation or a centralised, stand-alone, email encryption tool are too complex to manage and operate, as well as being beyond the budget typically available in midsized companies. Centralised email encryption integrated into a UTM appliance provides an ideal combination of security applications and email security in an economical, easy-to-use, all-in-one solution, enabling senders and recipients of email to concentrate on their jobs, safe in the knowledge that their company confidential information is secure.