Unlike a scrumptious meal, some things are not meant to be shared. Your business’ secret recipe might be a client list, a new product or service announcement, a process document or other trade secret. Additionally, most organizations handle information such as employee or client social security numbers, credit card numbers, bank account numbers, HIPAA information and more. Like a prized family recipe, you want to keep this information secret.
Email is one of the most common ways people share information both inside and outside their organization. Your email messages travel through many different servers before they reach the intended mailbox. With that being said, it’s important to secure your email messages in the event someone intercepts it so the message would be useless to them.
You can encrypt individual messages using the PKI (Public Key Infrastructure) model or you can use a service to encrypt messages during transport, store them encrypted, and enable retrieval through the cloud. The PKI model, while secure, is not particularly convenient. As a result, most organizations use an encryption service. The service will typically allow you to manually mark an email for encryption using a keyword or other mechanism. However, you can also create a policy to automatically encrypt emails based on their sender, recipient, content and other criteria. The encryption policy would apply to all outbound email messages.
Email encryption policies ensure that your organization complies with regulations designed to protect customer data, such as HIPAA.