RE: Forcing encrypted e-mail

From: Philip Wagenaar (pb.wagenaar@chello.nl)
Date: 03/27/02 

From: "Philip Wagenaar" <pb.wagenaar@chello.nl>
To: <pcgeek@hushmail.com>, <security-basics@securityfocus.com>
Date: Wed, 27 Mar 2002 23:20:33 +0100

If you really need this kind of security... Both parties have take
precautions.... Something like the PGP idea to encrypt message's is
probarly the easiest and cheapest way... If you try to something easier
you instantly loose a lot of security..... Don't even think about
putting the sensetive information in a password protected zip file or
office document....

Remember: Its better to be insecure and know it, then make a poor
attempt to security and rely on it!

-----Original Message-----
From: pcgeek@hushmail.com [mailto:pcgeek@hushmail.com]
Sent: woensdag 27 maart 2002 17:01
To: security-basics@securityfocus.com
Subject: Forcing encrypted e-mail

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Due to HIPAA regulations, certain sensitive information will have to be
encrypted. Currently, we have users who want to e-mail sensitive
information to vendors. The obvious solution seems to be PGP, but I
cannot rely on end-users to remember to encrypt all of their messages.
There is also the issue of vendors who receive some of this information
not being very tech savvy.

Is there some other solution (specific, please) which would guarantee
that certain information is encrypted, without placing a level of trust
on the vendor or our users? VPN is not an option and e-mail or web
seems like the best delivery vehicle. Thanks.

Hush provide the worlds most secure, easy to use online applications -
which solution is right for you? HushMail Secure Email
http://www.hushmail.com/ HushDrive Secure Online Storage
http://www.hushmail.com/hushdrive/
Hush Business - security for your Business http://www.hush.com/ Hush
Enterprise - Secure Solutions for your Enterprise http://www.hush.com/

Looking for a good deal on a domain name?
http://www.hush.com/partners/offers.cgi?id=domainpeople

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlsEARECABsFAjyh7noUHHBjZ2Vla0BodXNobWFpbC5jb20ACgkQv2tV+j5+XIFXGgCf
T08I3lbUrtOYs4tvkoEgINt7KZMAoKzMQVtrQzAvSo5jJvayML5D/BeW
=hc5a
-----END PGP SIGNATURE-----

Relevant Pages

  • RE: Password Management
    ... key to encrypt the password sync session. ... HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/ ... Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/ ...
    (Security-Basics)
  • Re: Need a license component
    ... I also use OnGuard to protect a specialty program from casual hacking. ... I got to thinking about beefing up the security one day after adding some ... I'm going to use Ionworx's SecureCode for this, to encrypt sections of code. ... results of the calculations into the secure area. ...
    (borland.public.delphi.thirdpartytools.general)
  • Re: Encryption of files on USB flash drive
    ... You can find problems with current transparent security methods, ... It is an EFS that encrypts individual files. ... You can choose to encrypt a folder and all of it's contents (including ... encrypt and decrypt data. ...
    (sci.crypt)
  • Re: More on caching and logging
    ... hurt the aura of Mac security Apple has cultivated over the years? ... If you put your sensitive files onto another, external, hard drive, and then ... of ways to encrypt files, ... Anything on a work machine is by definition subject to work rules. ...
    (comp.sys.mac.system)
  • Re: Using S-MIME (encrypted & signed email)
    ... encrypt email is about better security practice, ... >> preceived view of complexity in deployment? ... I don't know how important these posts really are... ...
    (microsoft.public.security)