Planning Distributed Security

Secure E-mail

In today's enterprise, e-mail messages containing sensitive personal information and proprietary business information are routinely sent over nonsecure portions of the intranet or even the Internet. Espionage agents or hackers can easily intercept plaintext e-mail messages. Furthermore, someone with malicious intent can easily intercept and modify e-mail messages en route, or forge the IP address of an e-mail sender and send false messages.

Many of today's secure e-mail solutions, such as Microsoft Exchange Server are based on the open Secure/Multipurpose Internet Mail Extensions (S/MIME) standard. Using open standards is important if you want to provide interoperability among third-party secure e-mail applications used by business partners, vendors, and customers.

How Secure E-mail Works

Secure e-mail systems based on S/MIME use industry standard X.509 digital certificates and public key technology to provide e-mail security between senders and recipients of e-mail messages. Secure e-mail systems typically provide the following security functions:

Senders can digitally sign e-mail messages to provide data integrity.
Recipients can verify the identity of the message sender and verify that the message has not been tampered with en route.
Senders cannot repudiate signed messages because only the sender has possession of the signing credentials.
Senders can encrypt e-mail messages to provide confidential communications.
Intended recipients can decrypt the message using private credentials, but others cannot decrypt and read the message.
Administrators can centrally store users' private credentials in a secure database. If a user's private credentials are lost or damaged, administrators can retrieve the private credentials necessary to decrypt messages.

Considerations for Secure E-mail

To address strategies for secure e-mail, consider including the following information in your deployment plan:

Secure e-mail server and client applications to be used.
E-mail servers and user groups needing upgrade or migration to secure e-mail.
General policies for using secure e-mail in the organization.
Encryption technology to be used, including international export restrictions and limitations.
Certificate services needed to support secure e-mail.
Enrollment process and strategies to enroll users in the secure e-mail program.
Key recovery database backup capabilities and recommended backup and restore practices.
Key recovery capabilities and recommended general recovery practices.