Email security is an important feature of modern communications, especially if you or your organization is engaged in certain types of politically sensitive activities, exchanging highly valuable corporate information or dealing with sensitive financial data on a regular basis.
In order to protect yourself you need to take privacy into serious consideration even if it means that sending emails will become more cumbersome than normal. With that, here is a list of email providers and tips whose focus on privacy ranges from strong to outright paranoid (but in a useful way).
1. Gmail (www.gmail.google.com)
That’s right, Gmail. This may seem counterintuitive but it is indeed the case if your main worries are snooping from data thieves and unauthorized third parties. Of course, if we’re talking about protecting yourself from official law enforcement agencies with legal power over Google’s jurisdiction (FBI, etc) then you’re probably out of luck since warrants for access to your account can readily be obtained. Furthermore, Google itself spies through your email archives for the sake of giving you targeted advertising in the sidebar -it’s no coincidence that your mails to grandma about Metamucil are shortly followed by intestinal trouble remedy ads but this scanning is fully automated and done by machines intelligence instead of humans. Thus, despite this, if we’re talking about a fairly secure and hack-proof mainstream email provider, Gmail is not at all bad.
Processes like practically unbreakable 128 bit HTTPS encryption of your messages between Gmail’s servers and your own computer as well as two step authentication options for login access to your account are both very good at protecting your messages from the overwhelming majority of snoop invasions. Additionally, if you make sure your Gmail password itself is kept long, complicated and strong, you’ll dramatically improve the security of your account.
2. Hushmail (www.hushmail.com)
Hushmail has become famous for its supposedly rigorous and fully secured email service system. The Hushmail system depends on complete end-to-end encryption of all your email messages as well as storage encryption of your entire inbox; as soon as you access your email account, your messages are then automatically decrypted for your benefit and then re-encrypted if you log out. Furthermore, with transmission of emails to unsecured mainstream email providers, you have the option of adding a secret question whose answer you’ve agreed upon in advance with your recipient in order for them to decrypt the message.
However, bear in mind that as far as hiding illegal activity from specific government investigations goes, Hushmail is not there to help you since they do have the ability to access your login password and turn it over to authorities, something they have done on three occasions in 2007 in cooperation with police investigations
3. Lavabit Mail Service (www.lavabit.com)
Lavabit is a great, simple and easy to use secured email service that uses 256 bit AES encryption to protect both your inboxed message archive and your sent mails. This email service provides all the standard security features such as POP 3, virus scanning and total end-to-end anonymity that’s supposedly so thorough that it prevents even Lavabit itself from being able to access your mail content under any conditions, including secret spy agency warrants and government issues court orders for information.
Basic and personal Lavabit accounts are free while the “Enhanced” and “Premium” accounts cost $8 and $16 dollars per year respectively.
4. Countermail.com (www.countermail.com)
Now here is a secure email service that takes intrusion proofing more seriously than most. The service offered by Countermail is a bit on the pricy side at nearly $7 per month but it does indeed offer a whole load of services to ensure the security of your stored email data and all message transmissions.
With Countermail you’re offered end to end encryption, 128 bit PGP encryption, IP anonymity in email headers, 2 step login authentication with purchase of a USB key and a number of other security bonuses like emailing through diskless servers that prevent data theft at countermail’s own facilities. With Countermail you can also change your message sender aliases and all standard security features like virus protection and spam filters are part of the service as well.
Bonus: Additonal Tools
Let’s face it, if you’re really worried about security against snooping by third parties you shouldn’t just stop at using whatever tools a secure email provider gives you and trust in them completely. Ultimately, you cannot be 100% sure that any of the above services are doing all they claim to be doing in order to protect your privacy and email integrity.
Thus, take matters into your own hands as an additional step by utilizing additional security tools of your own.
For starters, protect your email inbox with your own antivirus program of a type that’s capable of email security scanning (AVG premium has this option, for example) Additionally, ensure that your login password is long strong and deeply jumbled for maximum strength; make it at least 10 characters long and use randomized digits including numbers, letters and symbols.
Your recipients will have to take similar steps in order to decrypt your communications successfully but if the organization or people you’re communicating with are serious about their privacy, this last series of tips is an absolute must.
Secondly, in addition to the built-in encryption your email provider gives you, add a second layer by making all emails attachments that have first been encrypted with ultra-secure open source programs like TrueCrypt (truecrypt.org) or FreeOTFE (www.freeotfe.org), both of which offer heavy duty file and document encryption protocols such as AES and Twofish based encoding.
About the Author: Richard Tucker has been writing about technology and business solutions for nearly a decade. When he’s not writing, you can find Rich reviewing energy efficient elevator components for KONE Spares.