How about GPG, or PGP? On 8/13/07, Danny Lieberman <[EMAIL PROTECTED]> wrote: > Kfir > > What exactly are you trying to achieve by encrypting email - are you trying > to encrypt business communications between employees and vendors/customers > to protect from eavesdroppers or do you want to encrypt the message > repository and protect it from attackers? > > Before you start applying encryption as a panacea do a little threat > analysis first. Ask yourself - what assets are you trying to protect, what > are the threats and what are your vulnerabilities. > > My experience with extrusion prevention with a fair number of customers has > shown the following: > > a. It's better to use outgoing email in clear text because 1) you can > monitor what people are doing and 2) having a business partner > decrypt/encrypt is generally a pain in the ass that is greater than the > value of the business transaction. > > > b. If you have high-value business communications between your company and > vendors - you are better off just encrypting the file (for example a > sensitive contract or product design doc) and sending the encrypted > attachment. This will enable you to monitor who is sending and who is > receiving and with the right monitoring system - you will be able to detect > that an encrypted file was sent which is interesting information in it's own > right. > > Read my blog entry on this topic > http://www.software.co.il/blog/2007/06/secure_communications_without_1.html > > Best regards > Danny > > > > On 8/10/07, Kfir Lavi <[EMAIL PROTECTED]> wrote: > > Danny, > > Google apps is exactly what I'm trying to avoid :-) > > What did you mean by "You don't want to get involved in encrypted mail on > your lonesome."? > > > > > > On 8/10/07, Danny Lieberman <[EMAIL PROTECTED]> wrote: > > > Kfir > > > > > > The best bet for you is Google Applications - surf to www.google.com/a > > > > > > You don't want to get involved in encrypted mail on your lonesome. > > > > > > danny > > > > > > > > > On 8/9/07, Kfir Lavi <[EMAIL PROTECTED]> wrote: > > > > > > > Hi, > > > > I would like to keep company emails secure and encrypted. > > > > I'm looking for a webmail program that is similar to Gmail. It don't > have to own all the stuff, just to be productive. > > > > I would also want encryption. I want all the emails be encrypted > automatically. > > > > What is the procedure for a user? should he take with him a usb > private key? > > > > I'm looking for your comments on the idea. > > > > > > > > Tnx, > > > > Kfir > > > > > > > > > > > > > > > > -- > > > Danny Lieberman > > > Reduce risk with practical threat analysis- visit us at > www.ptatechnologies.com > > > "All things being equal, the simplest solution tends to be the best > one." Occam's razor > > > > -------------------------------------------------------------------------------------------- > > > www.software.co.il/blog - Israeli software, music and mountain biking > > > www.software.co.il/pta - Download a free copy of the PTA-Practical > threat analysis tool > > > > -------------------------------------------------------------------------------------------- > > > Tel Aviv + 972 3 610-9750 > > > US + 1-301-841-7122 > > > Cell + 972 54 447-1114 > > > > > > > > -- > Danny Lieberman > Reduce risk with practical threat analysis- visit us at > www.ptatechnologies.com > "All things being equal, the simplest solution tends to be the best one." > Occam's razor > -------------------------------------------------------------------------------------------- > www.software.co.il/blog - Israeli software, music and mountain biking > www.software.co.il/pta - Download a free copy of the PTA-Practical > threat analysis tool > -------------------------------------------------------------------------------------------- > Tel Aviv + 972 3 610-9750 > US + 1-301-841-7122 > Cell + 972 54 447-1114
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
