By CNET News.com Staff August 25, 2000, 2:20 p.m. PT URL: http://news.cnet.com/news/0-1005-200-2613005.html By William Spernow, Gartner Analyst Encrypted-email services for consumers, such as the remote services Yahoo will provide through ZixIt, target people's concerns over Internet privacy and security, which continue to grow. Nevertheless, it is not clear that many consumers have run into trouble with unauthorized people intercepting their regular email or that consumers are up to challenge of managing an encrypted-email service. ZixIt says that its SecureDelivery.com service "enables users worldwide to easily send and receive encrypted and digitally signed communications," an obvious solution to a perceived problem. However, the chances of someone intercepting an email message in transit are nil. For example, no one has ever had a credit card number stolen while it was being transmitted over the Internet. The real risk comes when the unencrypted email is stored on someone's desktop or laptop--and especially on the vendor's email server. In effect, remote email services offer enticing targets for malicious hackers, who will know exactly where to go when looking for sensitive communications. Accordingly, using remote email store-and-forward services makes sense only if the strictness with which a vendor protects its servers and the content of the emails awaiting delivery outweighs the added risk of using such a highly visible service. Properly weighing those risks can prove extremely difficult because it involves addressing several issues. The vendor must publish its policies for securing its email servers. It must make clear how thoroughly it has assessed security threats and what steps it has taken to mitigate these risks. The risks include the physical security at the actual location of the server as well as the location itself--whether in the United States or abroad. More importantly, the vendor must restrict the number of employees that have access to the server and ensure their trustworthiness. All of those issues apply to sites where backup tapes are stored, too. The vendor must also bring in an independent auditor--preferably several outside firms--to validate that the vendor is following its stated security policy. Finally, the vendor must plan in case its security measures are not as tight as it believes and unauthorized users do somehow obtain access to consumers' secure email. The vendor must accept liability if a consumer suffers economic loss because of a compromised communication. It is difficult enough for a midsize enterprise to manage encrypted-email systems adequately. Gartner believes that most consumers will not be able to do so using today's methods. The most technically savvy consumers that need email encryption will likely continue to use digital certificates (e.g., Pretty Good Privacy's) to communicate securely among a handful of contacts. Gartner believes that few people who are knowledgeable about information security will allow their sensitive email messages to sit on someone else's email server unless their vendor has made extraordinary efforts to educate consumers about its internal security controls and has documented them through an ongoing security assessment by external information-security professionals.
