OCS banner and logo
Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe 
Search All Articles

Browse by Category

powered by pmc2m


Secure email services

Article for: Those wanting Secure email
Difficulty: Moderate
Importance: Useful information to consider
Last month I wrote an article recommending better more private email services than Gmail, AOL, Yahoo or Hotmail. Those services do not make their money by selling your information or pushing a political agenda. Some of us will be happier with those privacy focused Email services, rather than trying to use a secure email service. Unless you are a doctor, lawyer or accountant, most of us don't want the hassle that comes with security in email. Even those people just attach a paragraph at the bottom that essentially says, "Don't read this if it wasn't meant for you."

The problems with Secure Email

It is easy to have secure email while it is in transit. The problems occur once the email is received and also while it is sitting on the service's servers. How do you prevent their staff from reading your emails? How do you assure that only the intended recipient can read it? We can solve fairly easily this, if you only send to people using the same secure email service. Most of us are familiar with getting secure messages to be read on-site for investment firms or medical offices or insurance.

But, here are the three problems that make it hard to do secure email properly.
  1. How do you send a secure message to someone who won't use your secure email service? Essentially, agree on a password that is for that email. Proton mail requires a password for each email, though you could agree on one you would always use that client. Tutanota associates a password with a particular contact instead of the email, but it still needs to be agreed upon with the client. Instead of sending the mail to the contact, these services send a link and require that the contact to login and read the mail on their site.
  2. How can you search through emails? If you encrypt your emails, the service can't read them. If they can’t read them, they can’t search through them! Proton mail solves this by not encrypting the subject, dates and contact. They limit their search to those. Tutanota downloads the information to your local computer and does the search there, allowing you to search the content without them needing the passwords.
  3. It is hard to use a standard email program. Secure email requires that you download an encrypted message and only decrypt it after you've downloaded it. They also require you to encrypt messages on your computer before sending them. To accomplish this, it is difficult to use any standard email program like Outlook or Thunderbird. These programs don’t know how to encrypt your emails. You will either need to use Webmail or their the services special programs for email. Tutanota requires you to use their program or Webmail. Proton Mail has a method to setup your own email server which your email program will send to on your computer, and it will then encrypt it and send it on to Proton Mail. This creates complications.

If you will put up with the inconvenience these issues create, both Proton Mail and Tutanota are excellent. However, even with my emphasis on security, I'm not interested.

What I do

I sometimes need to send an encrypted message. Perhaps it is a set of passwords to a client. For these occasional occurrences, I save the file on my computer and then transfer it to them using Tresorit Send. Then I delete my copy. Usually I have the information stored in my Keepass vault, fully encrypted and protected, along with other client information.

You can also encrypt a PDF file with most reasonable PDF viewers by adding encryption under the document properties.

Further reading:

Date: June 2021

Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

  Please direct questions/suggestions about website to the webmaster