The constant challenge for IT professionals and security experts is to balance security and usability. If the most secure system is too complicated or cumbersome to use, people will circumvent it. Once the official or corporate system is circumvented, security has devolved from professional (IT executive) to amateur (end user).
Former Secretary of State Hillary Clinton’s use of a personal email system purportedly set up in her house by a colleague is a perfect, high profile example of this – but certainly not an isolated example.
In 2003, the United States Government Accountability Office (GAO), the auditor of the US Federal Government and an arm of the US Congress, began using RMail® — RPost’s Registered Email® service with functions to track opening, prove delivery, encrypt for privacy, and e-sign. A key reason they selected RMail technology was that it operated from within the native end user email interface — with functions simple and intuitive for the sender and recipient. In other words, RMail offers convenience Secretary Clinton would surely have appreciated.
IT professionals often underestimate just how simple the user experience must be for widespread adoption. Receiving a link in an email forcing the recipient to set up an account to access an email is not simple enough. Nor is exchanging digital certificates and saving them to a device.
When the recipient says to the sender, “just send the darn thing,” because they get frustrated with the more secure process, the sender often just sends it, frustrated that they are frustrating the recipient with some policy or process IT has put in place.
If it is not simple to use, people will circumvent the process; and they do – even those who know they shouldn’t, like the US Secretary of State.
If the Secretary had known that she could simply install RMail right into the US Department of State email interface, purchasing from AT&T’s government procurement IT schedule (GSA schedule), she would have had security and accountability with simplicity — and would not have been compelled to circumvent the process.
A summary of common secure messaging systems follows; the best method for security and simplicity for users is the “True Direct Delivery” method employed in RMail services.
1. Public Key Exchange – Secure but Complex for Many.
This is provided with the Department of State email. Certainly it is secure, but apparently too complex for many when communicating with parties who are external to the system, including the Office of the Secretary. This involves exchanging public encryption keys among your contacts (PKI Digital Certificates) and using Microsoft Outlook on your desktop computer. This “strong crypto system” has proven to be too cumbersome for most to use. One has to purchase and install these certificates, manage the expiration, ensure your recipients have a copy of your public key, and you theirs, and make sure all are using a compatible email program such as Microsoft Outlook desktop software.
2. Secure Store and Forward – “Man in the Middle” Problems.”
Systems that store your message content in the middle, and send a link to the recipients to download the content, are often used by consumers (and some companies) not understanding their most sensitive information is being stored on a third party server with unknown data security and message purge practices (which may differ from their stated policies). Further, the recipient is often forced to create an account to access the message and this is often a cumbersome process that has to be re-done each time they forget the password they used to access a particular message (ugh). Finally, there is no protection from unknown recipient endpoint security or lack thereof. So store and forward systems are not considered “strong crypto systems.”
Note, some systems that wrap your email in an encrypted HTML file before sending, often purport themselves to be “direct delivery,” but leave out the important point that the process of decrypting, is often sending the data back to the server in the middle. That server storing the decrypted message and displaying it in a web browser still has the same Man in the Middle storage purge concerns. Further, there is no protection from unknown recipient endpoint security or lack thereof. So it’s better than simple Secure Store and Forward, but still retains the Man in the Middle issues, and not considered a “strong crypto system.”
3. True Direct Delivery – RMail Method and the Best Method.
Systems that wrap the message in an encrypted PDF file are “strong crypto systems” as (a) the message content is not stored in the middle, (b) content is truly delivered to the recipients’ desktops encrypted, AND (c) the content remains encrypted at the recipient endpoint to prevent potential disclosure regardless of the recipient endpoint security. This is RPost’s RMail encryption method, and we’ve made it easy to use and implement for both the sender and recipient (for both compliance and personal privacy).
RPost has been offering secure electronic messaging services for more than 10 years and is a winner of the World Mail Award for best in security.