Email encryption is the process of disguising the content of your email messages to protect them from being read by unwanted parties. Sensitive information such as social security numbers, passwords, login credentials and bank account numbers are vulnerable when sent via email.
When encrypting emails, it’s important to encrypt all of them, not just the ones with sensitive information. If only some of your emails are encrypted, it is a red flag for a hacker and could make your inbox even less secure. They will only have to hack into a few emails rather than sift through hundreds to find data they can use. We explain how to encrypt emails on multiple providers and summarize our tips in an infographic.
What is Email Encryption?
Email encryption is essentially mixing up the contents of an email so it becomes a puzzle that only you have the key to solve. The public key infrastructure (PKI) is used to encrypt and decrypt emails. Each person is assigned a public and private key in the form of digital code.
The public key is stored on a key server along with the person’s name and email address, and can be accessed by anyone. This public key is what is used to encrypt the email. If someone wanted to send you an email with sensitive information, they would use your public key to encrypt it. The private key is used to decrypt emails. It is stored somewhere safe and private on the person’s computer and only that person has access to it. The private key can also be used to digitally “sign” a message so the recipient knows it came from you.
Why is Email Encryption Important?
Email encryption is important because it protects you from a data breach. If the hacker can’t read your message because it’s encrypted, they can’t do anything with the information. Since 2013, over 13 billion data records have been lost or stolen. The average cost of a data breach in 2018 is $3.86 million. This number has grown by 6.4% since 2017. Data breaches can be costly because they take a while to identify. In 2018, the mean time to identify a breach was 197 days and the mean time to contain it was 69 days. Email encryption is a preventative measure you can take to avoid being part of a cybersecurity statistic.
Types of Email Encryption
The two main types of email encryption protocol are S/MIME and PGP/MIME. S/MIME (Secure/Multipurpose Internet Mail Extensions) is built into most OSX and iOS devices and relies on a centralized authority to pick the encryption algorithm. S/MIME is used most often because it is built into large web-based email companies such as Apple and Outlook.
PGP/MIME (Pretty Good Privacy/Multipurpose Internet Mail Extensions) relies on a decentralized trust model and was developed to address security issues facing plain text messages. Within this model, there is more flexibility and control over how well you want your emails to be encrypted, but it requires a third-party encryption tool.
How to Encrypt Emails in Gmail
Gmail already has S/MIME built into the app, but it only works if both the sender and receiver have it enabled.
- Enable hosted S/MIME.You can enable this setting by following Google’s instructions on enabling hosted S/MIME.
- Compose your message as you normally would.
- Click on the lock icon to the right of the recipient.
- Click on “view details” to change the S/MIME settings or level of encryption.
When changing the encryption levels note these color codes:
Green — Information is protected by S/MIME encryption and can only be decrypted with a private key.
Gray — The email is protected with TLS (Transport Layer Security). This only works if both the sender and recipient have TLS capabilities.
Red — The email has no encryption security.
How to Encrypt Emails in Outlook
Outlook is also compatible with the S/MIME protocol, but it requires additional setup.
- Enable S/MIME encryption.This process will involve getting a certificate or digital ID from your organization’s administrator and installing S/MIME control. Follow Office’s steps for setting up to use S/MIME encryption.
- Encrypt all messages or digitally sign all messages by going to the gear menu and clicking S/MIME settings. Choose to either encrypt contents and attachments of all messages or add a digital signature to all messages sent.
- Encrypt or remove individual messages by selecting more options (three dots) at the top of a message and choosing message options. Select or deselect “Encrypt this message (S/MIME).” If the person you are sending a message to doesn’t have S/MIME enabled, you’ll want to deselect the box or else they won’t be able to read your message.
How to Encrypt Emails on iOS
iOS devices also have S/MIME support built in as a default.
- Go to advanced settings and switch S/MIME on.
- Change “Encrypt by Default” to yes.
- When you compose a message and lock icon will appear next to the recipient. Click the lock icon so it’s closed to encrypt the email.
Note: If the lock is blue, the email can be encrypted. If the lock is red, the recipient needs to turn on their S/MIME setting.
Email Providers That Need Third-Party Encryption Tools
Email providers and devices that don’t have S/MIME compatibility built-in will need a third-party tool that allows them to use S/MIME or PGP/MIME protocol.
Encrypting Emails With Yahoo
Yahoo uses SSL (Secure Sockets Layer) as a layer of security to protect the account but requires third-party services to encrypt with S/MIME or PGP/MIME.
Encrypting Emails With Android
Android emails can be encrypted through S/MIME and PGP/MIME, but both require extra setup and a third-party app.
Encrypting Emails With AOL
Encrypting emails in AOL can be done manually, but requires a third-party tool to implement the PGP/MIME criteria. You first must download the PGP implementation and then obtain a program that allows you to use PGP encryption with your webmail provider.
Email Encryption Services
Email encryption can be done manually or by a secure email service. These email service apps each have unique offerings such as encrypting emails, attachments and contact lists. They do this in the background so you don’t have to worry about doing it manually.
Some notable providers are:
ProtonMail
ProtonMail allows you to enable end-to-end encryption and has PGP compatibility. It has different price levels, depending on the number of domains needed and messages sent per day.
Ciphermail
Ciphermail supports encryption through S/MIME, OpenPGP, TLS and PDF. It is popular for its compatibility with Android devices.
- Price: free
- Apps: Android
Mailvelope
Mailvelope is an OpenPGP encryption service for webmail. It’s compatible with Gmail, GMX, Outlook, Posteo, WEB.DE and Yahoo.
Virtru
Virtru provides end-to-end email encryption services and is compatible with Gmail, Outlook, Hotmail, Yahoo and a few other providers.
Startmail
Startmail supports encryption through PGP and is compatible with email services such as Outlook and Gmail.
- Price: free and paid plans
- Apps: none
Send 2.0
Sendinc offers military-grade encryption and is compatible with Outlook and Gmail.
- Price: free and paid plans
- Apps: Outlook plugin
Enlocked
Enlocked allows you to send and receive encrypted emails using PGP. It is compatible with Gmail, Yahoo, AOL, Microsoft and Outlook.
- Price: free and paid plans
- Apps: Chrome
Protect yourself and your business from new cybersecurity threats by taking preventative measures. Implementing an advanced cybersecurity solution will help you find the best prevention techniques and instruct you on efficient ways to apply them to keep you safe from hackers.
Sources:
PC Mag I Comparitech I Digital Guardian I Difference Between I Paubox I Office I Virtru I Ponemon Institute I Forbes I Breach Level Index
Panda Security
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
FAQs
How do I encrypt an email in Gmail iOS? ›
- On your iPhone or iPad, open the Gmail app .
- Tap Compose.
- In the top right, tap More. Confidential mode. ...
- Turn on Confidential mode.
- Set an expiration date, passcode and other controls. These settings impact both the message text and any attachments. ...
- Tap Done .
Encrypting Emails With AOL
Encrypting emails in AOL can be done manually, but requires a third-party tool to implement the PGP/MIME criteria. You first must download the PGP implementation and then obtain a program that allows you to use PGP encryption with your webmail provider.
- Tap Compose in the Gmail app.
- In the top right, click More and then Confidential mode.
- Set an expiration date, passcode, and other controls, which applies to the message's text and attachments. ...
- Tap Done.
Open the Settings app. Choose Mail > Accounts. Select the account that has messages that you want to encrypt by default. Choose Account > Advanced > Encrypt by Default, then turn on Encrypt by Default.
How do I encrypt my Yahoo email on my iPhone? ›- Open the Settings app.
- Choose Mail > Accounts.
- Select the account that has messages you want to encrypt by default.
- Choose Account > Advanced > Encrypt by Default, then turn on Encrypt by Default.
Open a new message in Yahoo Mail as usual. Click the Mailvelope icon in the top-right corner. Write your message and click Encrypt. Send the encrypted message.
Can Gmail emails be encrypted? ›Gmail is capable of encrypting the email it sends and receives, but only when the other email provider supports TLS encryption. In other words, encrypting 100% of all email on the Internet requires the cooperation of all online mail providers.
How do I encrypt an Outlook email? ›In message that you are composing, click File > Properties. Click Security Settings, and then select the Encrypt message contents and attachments check box. Compose your message, and then click Send.
How do I encrypt Gmail 2022? ›- On your computer, go to Gmail.
- Click Compose.
- In the bottom right of the window, click Turn on confidential mode . ...
- Set an expiration date and passcode. ...
- Click Save.
When composing an email in Outlook for iOS and Android, the sender can choose to encrypt and/or sign the message. By tapping on the ellipses and then Sign and Encrypt, the various S/MIME options are presented.
How do I enable encryption in Gmail? ›
- Sign in to your Google Admin console. ...
- In the Admin console, go to Menu Apps Google Workspace Gmail. ...
- On the left, under Organizations, select the domain or organization you want to configure. ...
- Scroll to the S/MIME setting and check the Enable S/MIME encryption for sending and receiving emails box.
The sender encrypts messages using the recipient's public key. The recipient decrypts the message using a private key. There are two methods that organizations can implement end-to-end encryption, PGP and S/MIME. These involve organizations manually configuring their email systems to send encrypted emails.
Does Outlook Mobile Support Smime? ›Understanding S/MIME
S/MIME in Outlook for iOS and Android is supported with Microsoft 365 or Office 365 accounts using the native Microsoft sync technology. For a general overview of S/MIME, see S/MIME in Exchange Online.
iMessage. If you're looking to secure your messages on your iPhone, the easiest way to do this is by turning on iMessage. iMessage creates an encrypted text thread that's only readable by the sender and the recipient.
Can you encrypt an iPhone? ›Does iPhone Have Encryption? Yes. Apple's iPhone, iPod touch, and iPad smart devices all support basic built-in encryption while a passcode is enabled.
How do I encrypt Gmail 2021? ›Choose User Settings. Navigate to Organizations and choose the organization or domain you want to configure. Scroll to the S/MIME setting, and check the box that says “Enable S/MIME encryption for sending and receiving emails” Choose Save.
Where is advanced in settings on Iphone? ›After logging in to your account, click on the Settings icon (it looks identical to that found on iOS and OS X). Scroll to the bottom of the Settings page and look for the Advanced section. As of right now, it's located in the bottom-left corner of the Settings page.
Does Yahoo offer encrypt email? ›"Anytime you use Yahoo Mail — whether it's on the web, mobile web, mobile apps, or via IMAP, POP or SMTP — it is 100 percent encrypted by default and protected with 2,048 bit certificates," Jeff Bonforte, Yahoo SVP of communication products, wrote in a company blog post.
Is Yahoo Mail 2022 secure? ›Google, Microsoft, and Yahoo are clearly not the most secure email providers. None of them encrypt your messages end-to-end, and none take your privacy very seriously.
How does Gmail confidential mode work? ›How Gmail processes confidential mode messages. Gmail removes the message body and any attachments from the recipient copy of a confidential mode message. Gmail replaces message content and attachments with a link to the content. In Gmail, the linked content appears to be part of the message.
Are Outlook emails encrypted? ›
If you have an Microsoft 365 Family or Microsoft 365 Personal subscription, Outlook.com now includes encryption features that let you share your confidential and personal information while ensuring that your email message stays encrypted and doesn't leave Microsoft 365.
How do I send documents securely in Gmail? ›- On your computer, go to Gmail.
- Click Compose.
- Click Attach .
- Choose the files you want to upload.
- In the bottom right of the window, click Turn on confidential mode . ...
- Set an expiration date and passcode. ...
- Click Save.
A note about your email security in confidential mode
Messages are sent and received unencrypted and are easily intercepted by hackers. Encrypted email can, of course, be set up, but this just isn't a feature of Gmail.
- Protect Your Documents and Files Using a Strong Password. ...
- Use End-to-End Mail Encryption. ...
- Microsoft Office 365 Message Encryption (Information Rights Management) ...
- Use Encrypted File-Sharing Services to Link to Secure Files.
- Go to the top of the message and select more options. > Message options.
- Select or deselect Encrypt this message (S/MIME).
Outlook for Windows, Outlook for Mac, and Outlook on the web provides several encryption options: 1. Encrypt-Only – The message is encrypted in transit and at rest in the recipient's mailbox, including any attachments. Recipients cannot remove the encryption, so forwards and replies to the message remain encrypted.
What is the most secure email provider 2022? ›- ProtonMail. ProtonMail is the most well-known secure email provider. ...
- Mailbox.org. Mailbox.org is a secure email service aimed at business users looking for an alternative to Google or Microsoft tools. ...
- HubSpot. ...
- Zoho Mail. ...
- Tutanota. ...
- Posteo. ...
- Thexyz. ...
- PrivateMail.
How to Mark a Message as Private or Confidential in Outlook - YouTube
How do I enable S mime in Outlook Mobile? ›Select Use configuration designer next to Configuration settings format and accept or modify the default settings. For more information, see Deploying Outlook for iOS and Android app configuration settings. Click S/MIME to display the Outlook S/MIME settings. Set Enable S/MIME to Yes.
Where is S/MIME on iPhone? ›Set Up an S/MIME Certificate on an iPhone
First, go to Settings and select Accounts & Passwords. Now, select the account that you want to set up. Go to Advanced after selecting the specific account. Navigate to the S/MIME section and enable S/MIME.
Is Gmail secure to send tax documents? ›
One of the biggest reasons you don't want to use email to send tax documents is because the documents aren't encrypted when they are sent, unless you are using an encrypted email service. This means that when the files are traveling from computer to computer, they can be read by anyone who encounters the files.
What is standard encryption in Gmail? ›Sending an Encrypted Email in Gmail
Google relies on TLS or Transport Layer Security, an industry standard for email encryption. When you send an email, your browser contact's Google's server to establish a secure connection.
Don't Send Your SSN via an Electronic Device
Never type your SSN into an email or instant message and send it. The majority of such messages can be intercepted and read. Also, don't leave a voicemail that includes your SSN. If you need to contact someone and give them your number, it's best to do it in person.
- Find the Mailvelope Extension. ...
- Click “Lets Start” ...
- Select “Generate Key” in the Setup Page. ...
- Generate a Key. ...
- Select the Mailvelope Icon. ...
- Write Your Email with Mailvelope. ...
- The Recipient Enters the Password.
A digitally signed message lets your recipients verify your identity as the sender; an encrypted message offers an even higher level of security. To send signed messages, you must have a personal certificate in your keychain. To send encrypted messages, the recipient's certificate must be in your keychain.
What is a disadvantage of always sending encrypted messages? ›Encryption Disadvantages:
The user would be unable to explore the encrypted file if the password or key got the loss. However, using simpler keys in data encryption makes the data insecure, and randomly, anyone can access it.
- On your computer, go to Gmail.
- Click Compose.
- In the bottom right of the window, click Turn on confidential mode . Tip: If you've already turned on confidential mode for an email, go to the bottom of the email, then click Edit.
- Set an expiration date and passcode. ...
- Click Save.
- Sign in to your Google Admin console. ...
- In the Admin console, go to Menu Apps Google Workspace Gmail. ...
- On the left, under Organizations, select the domain or organization you want to configure. ...
- Scroll to the S/MIME setting and check the Enable S/MIME encryption for sending and receiving emails box.
Choose User Settings. Navigate to Organizations and choose the organization or domain you want to configure. Scroll to the S/MIME setting, and check the box that says “Enable S/MIME encryption for sending and receiving emails” Choose Save.
How do I make my email private on my iPhone? ›In Mail: (iOS 15.2, iPadOS 15.2, or later) Open a new message window, tap the From field, then choose Hide My Email in the pop-up menu.
Can Gmail emails be encrypted? ›
Gmail is capable of encrypting the email it sends and receives, but only when the other email provider supports TLS encryption. In other words, encrypting 100% of all email on the Internet requires the cooperation of all online mail providers.
How do I encrypt an Outlook email? ›In message that you are composing, click File > Properties. Click Security Settings, and then select the Encrypt message contents and attachments check box. Compose your message, and then click Send.
Does Gmail have a secure email option? ›Google's standard method of Gmail encryption is something called TLS, or Transport Layer Security. As long as the person with whom you're emailing is also using a mail service that also supports TLS — which most major mail providers do — all messages you send through Gmail will be encrypted in this manner.
How do I encrypt an email in Outlook Mobile? ›When composing an email in Outlook for iOS and Android, the sender can choose to encrypt and/or sign the message. By tapping on the ellipses and then Sign and Encrypt, the various S/MIME options are presented.
What are two ways of encrypting e mails? ›The sender encrypts messages using the recipient's public key. The recipient decrypts the message using a private key. There are two methods that organizations can implement end-to-end encryption, PGP and S/MIME. These involve organizations manually configuring their email systems to send encrypted emails.
How do I send documents securely via email? ›- Protect Your Documents and Files Using a Strong Password. ...
- Use End-to-End Mail Encryption. ...
- Microsoft Office 365 Message Encryption (Information Rights Management) ...
- Use Encrypted File-Sharing Services to Link to Secure Files.
Is Yahoo Mail Encrypted? Yahoo Mail does use the TLS protocol to encrypt your messages, but this won't protect anything from a compromised email server, data breaches or any other serious security vulnerabilities.
Is Yahoo email secure? ›"Anytime you use Yahoo Mail — whether it's on the web, mobile web, mobile apps, or via IMAP, POP or SMTP — it is 100 percent encrypted by default and protected with 2,048 bit certificates," Jeff Bonforte, Yahoo SVP of communication products, wrote in a company blog post.
What is Gmail confidential mode? ›With Gmail confidential mode, your users can help protect sensitive information from unauthorized or accidental sharing. Confidential mode messages don't have options to forward, copy, print, or download messages or attachments. Confidential mode lets you: Set a message expiration date.
Should I turn on Mail privacy protection on my iPhone? ›Ideally, you should have full protection enabled at all times. However, splitting the two main features and giving us some choice is a welcome move from Apple.
Does Outlook have Mail privacy protection? ›
1. Mail Privacy Protection won't affect Gmail, Outlook, Yahoo Mail, and other email apps that run on Apple's operating systems. Even though the new privacy protections are being rolled out as part of iOS 15, iPadOS 15, macOS Monterey, and watchOS 8, those protections only apply to Apple Mail apps.
Does Android Have Hide my email? ›Since the said release of the feature, Android users want to enjoy the same benefits. Unfortunately, there is no built-in functionality to hide email addresses on Android phones. Luckily, there are still ways to get the same feature on other tools and apps, such as the Firefox Relay, SimpleLogin and AddyManager App.