Educause Security Discussion mailing list archives
Re: Encrypted email
From: Matthew Gracie <graciem () CANISIUS EDU>
Date: Thu, 20 Mar 2008 11:08:55 -0400
Heather Flanagan wrote:
For all of you out there handling HIPAA-protected email and other restricted information - Do you use an email encryption service or application? Stanford University uses Voltage (http://www.voltage.com), and we're starting a process to review the service overall to determine if this is still the right solution for us today. What's worked (or not worked) for you?
This might be a little simplistic for your environment, but we've had a lot of luck with Thunderbird and Enigmail; it's simple, Free, cross-platform, and most outside agencies that we need to encrypt communications with can provide a public key. A word of advice, though -- make sure that you escrow the keys and passphrases of the end users. Never underestimate their ability to forget a passphrase and render an email account's contents unreadable. --Matt -- Matt Gracie (716) 888-8378 Information Security Administrator graciem () canisius edu Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg
Current thread:
- Encrypted email Heather Flanagan (Mar 18)
- <Possible follow-ups>
- Re: Encrypted email Mike Wiseman (Mar 18)
- Re: Encrypted email Jesse Thompson (Mar 19)
- Re: Encrypted email Jesse Thompson (Mar 19)
- Re: Encrypted email Mike Wiseman (Mar 19)
- Re: Encrypted email Heather Flanagan (Mar 19)
- Re: Encrypted email Matthew Gracie (Mar 20)
- Re: Encrypted email Jesse Thompson (Mar 21)
- Re: Encrypted email Jesse Thompson (Mar 21)