11 Misconceptions about Email Encryption - #8
In my last blog post #7, I discussed whether SSL/TLS was sufficient for email encryption. The eighth part of our series deals with the confidentiality of messages when moving the email infrastructure to the cloud.
Misconception #8: My cloud provider already has built-in email encryption
Do you use a cloud solution for your emails? Many cloud users think that their electronic communication is adequately protected when the cloud provider handles both email management and encryption. That's true, provided your trust in your cloud provider is boundless. However, you should be aware that the provider also has your keys and can therefore decrypt and read the messages. To avoid this, you should either separate email management and email encryption or use a solution that allows you to store your keys with you on premises. Trust is good in many ways, but control is better if you want to keep your emails confidential.
Missed the previous ones?
Misconception #1: I don't need email encryption
Misconception #2: I can't afford that
Misconception #3: Email encryption is too complicated
Misconception #4: I can implement email encryption myself
Misconception #5: I have to convince my communication partners of "my" solution
Misconception #6: The people I communicate with have no clue about IT, so it won't work anyway