Hardly a day goes by without us reading something about internet security. Our personal data in particular is often at risk online and can be accessed by third parties. Oftentimes, we ourselves are to blame for this because we only half-heartedly handle our own data. Not only that, malicious programs such as viruses, Trojans or password theft by phishing also allow fraudsters to gain access to our data. If sensitive information is being sent over the Internet, you should be extremely careful. This also includes encrypting e-mails.
How do e-mails get from sender to recipient?
It’s so easy: You write an e-mail on your PC, click on “Send” and in a few moments, that e-mail is already at the recipient’s address, regardless of whether the recipient lives in the same city as you, in a neighbouring country or on the other side of the world – but how does the mail actually get there and why is encryption of e-mails important?
You can imagine the connections like a large, impenetrable network. There are innumerable nodes that e-mails pass through before they reach the recipient. On the way there, the message is often unencrypted so that unauthorized persons can access it and thus intercept your data. This is why you should take precautions and encrypt your messages!
Encrypting e-mails – the transport encryption
You may have heard of TLS (Transport Layer Security) or SSL (Secure Sockets Layer). This is a so-called transport encryption, also known as point-to-point encryption, in which the e-mail is apparently encrypted along the entire transport route. Unfortunately, this is often different in practice, because it is precisely at the nodes, i.e. at the “crossroads” where the e-mail makes its way to the recipient that it is vulnerable. This is especially the case in foreign networks or in open WLANs. Thus, transport encryption is not necessarily the measure of all things, but still better than no e-mail encryption at all.
If you use a “freemailer” to send your messages, they are usually already encrypted. All you have to do is accept the encrypted connection in your e-mail account. If you use your own e-mail program, such as Outlook or Thunderbird, then the SSL/TLS encryption can be found under “Settings” and “Account Settings”.
Encrypting e-mails – the end-to-end encryption
It is even safer if you use end-to-end encryption because then your e-mails are encrypted directly. Although the e-mail could still be intercepted in transit, there is no longer any possibility of unauthorized persons gaining access to any information. Since the e-mail also arrives securely at the recipient, they will need a key to read the message. This key must be passed on from the sender to the recipient.
To be able to encrypt e-mails, the so-called “asymmetric encryption method” is used. The most common methods are S/MIME (Secure/Multipurpose Internet Mail Extensions) and OpenPGP (Open Pretty Good Privacy). To use these, there is appropriate encryption software or add-ons that you can simply install via the e-mail program. By installing a security certificate on your end device, a public key is generated that the recipient needs to be able to read the e-mail.
Send files securely without e-mail encryption – with TransferXL
If you want to do without the rather complex methods of encrypting e-mails, there is another method of secure data transmission: TransferXL. This is a service that allows you to send your files from A to B simply, quickly and above all, securely, without any pre-settings, additional programs or the like. All you have to do is go to the website and you can upload your files up to 5 GB directly from your PC or mobile phone.
Is that safe? Yes, it is, because TransferXL uses the end-to-end encryption described above, so all data is protected from start to finish. Encryption begins with the upload of your files. In order to retrieve the data, both a link and a key are generated on request – both of which you can then pass on directly to the recipient. The cherry on top: With TransferXL, you can send up to 200 GB, which is not possible with e-mail.
The most important questions and answers about encrypting e-mails
Why should you protect sensitive data in e-mails?
Because your data is unprotected on the way from you to the recipient and could be tapped by anyone. You should not do this without protection, especially when sending sensitive data.
What is transport encryption?
This is the encryption of the path that your e-mail takes from you to the recipient. Since this method does not always work at nodes, your data would not be sufficiently secured even with this encryption.
What is end-to-end encryption?
This is the most secure method to protect your data. The e-mail is already encrypted on your computer and remains secure until the recipient enters a decryption key. This means that third parties have no way of getting ahold of information, even if they were to intercept the e-mail. The best way to encrypt e-mails is to use this method.
Which encryption technique should I ideally use?
In the best case, you should use both encryption techniques at the same time, whereby end-to-end encryption alone is sufficient.
What do I have to do to encrypt e-mails?
With transport encryption, you only need to activate TLS/SSL transmission in your e-mail program. For end-to-end encryption, you need encryption software or add-ons, to install a security certificate and generate a public key that must be forwarded to the recipient.
Why is TransferXL absolutely secure?
Because TransferXL uses end-to-end encryption. This means that your data is already secured during upload. The key that the recipient needs to retrieve the data is generated automatically.