Experts warn that emails are the least secure and confidential medium of communication, ranking behind the telephone and the regular mail.
3 reasons why emails are not secure
1) Every relay receives a copy of your message
When you send an email from your laptop or mobile phone, your message is not automatically delivered to the receiver. It gets relayed from your device to your local DSL provider, then to a central server, then to some server in Nevada that routes emails, then to another one and so on. Nevertheless, the crucial point is that it can never be guaranteed that all the servers delete your message.
2) SSL security
Wikipedia states that ‘While it [SMTP SSL] protects traffic from being sniffed during transmission, it is technically not encryption of e-mails because the content of messages is revealed to, and can be tampered with by, involved email relays. In other words, the encryption takes place between individual SMTP relays, not between the sender and the recipient.’
This means that each relay decides wether to support the encryption or not. It is rather unlikely that emails get from one point to the other completely encrypted. If either the sender or receiver has not enabled SSL, however, the message has to be de-encrypted before it is delivered.
One solution for this could be an encryption through PGP (‘Pretty Good Privacy’), which is concerned with generating private keys. But as the name suggests, it is only pretty good, not perfect; no encryption scheme is without faults ultimately.
3) Loss of laptop/tablet/phone
Everyone has several email addresses, but it is likely that most of them come together on your mobile device, in Window’s Outlook or Apple’s Mail application. But what happens if your laptop or phone got stolen or you lose it? All of your email accounts (and other things) are now easily available for consumption.
Your email accounts are not the only ones that could be under attack
Financial institutions (such as JP Morgan Chase, HSBC, Mastercard and others), as well as Facebook, Microsoft, Dropbox and media companies, including the New York Times, have confirmed that they faced cyber attacks in recent years.
An American cyber security firm has recently linked China to attempts to steal American trade secrets and cyber espionage. They warn that cyber criminals can easily steal your passwords and put your bank accounts and other personal and private information in the wrong hands.
On top of this, the Guardian reported that thousands of Britons were unsuspecting participants in one of the biggest cyber attacks in the history of the internet, because their broadband routers were subverted.
However, one of the most shocking and worrying details was announced by the BBC: the Ministry of Defence has lost a considerable amount of private information.
- The Revenue and Customs officials lost the personal details of 25 million people in November 2007
- The Ministry of Defence Office revealed that one of its laptops, containing the details of 600,000 people, was stolen from a car in January 2008
- Files on counter-terrorism were left on a train and a computer was stolen from the office of Communities Secretary Hazel Blears in June 2008
The good news is that several measures have been taken since. The Computer Weekly reports that ‘IT managers are now bound by law to store, backup, encrypt, secure and protect their confidential data, and demonstrate that they are doing this satisfactorily’. They also state that ‘many organisations in the public sector and the regulated industries, such as utilities and legal or financial services, have to demonstrate an information security policy that proves they have a range of steps and measures in place. If these policies are not adhered to, the regulators reserve the right to prosecute.’
TranslateMedia’s Secure Translation Tool
At TranslateMedia, the confidentiality of your documents is top priority. Our Secure Translation Tool houses sensitive documents in a highly secure online translation environment and eliminates downloads. When you upload a document into our secure tool, the translators must login to a secure browser-based environment to translate the text. Therefore, there are no downloads or file transfers and all remote copies are eliminated.