RE: Encrypted emails

["Craig Searle" <craig.searle () sift com au>]

Hi John,

If you're concerned with key exchange and employee learning difficulties,
then a PGP product called PGP Universal might be a good solution for you.

The keyserver sits 'next' to the mail server and takes care of the key
management and encryption/decryption of emails - it occurs transparent to
the user, and you only need to update one central location with new public
keys and it will look after the distribution. It can also do some pretty
cool things with SSL collection of emails for external users who don't have
access to PGP.

If you're after some more info, email me and I can give you a more detailed
rundown or point you in the direction of the right people to talk to (I'm
not a vendor ;-)

Cheers,
Craig.

-----Original Message-----
From: John Madden [mailto:chiwawa999 () yahoo com] 
Sent: Thursday, 10 March 2005 8:30 AM
To: security-basics () securityfocus com
Subject: Encrypted emails

Hi,

Looking at the potential deployment and solutions for encrypted emails i had
a few questions.

What do large organization do to ensure that email are securely transfered
with a partner/customer for sensitive data ?

Using public/private keys seems like a whole lot of problems...

- How do you exchange keys ? Manually ? This might be ok for a couple of
recipient but can you imagine hundreds/thousunds at different companies...

- PKI, having to deal with the infrastructure could be a nightmare.

- Employees learning curve....

Are companies using an encryption software that will encrypt the
messages/attachments and transmit the password to decrypt by phone ?

I would like your comments/suggestions.

Thanks

John


        
                
__________________________________
Celebrate Yahoo!'s 10th Birthday! 
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/