a man is checking his email inbox on a laptop
5 minute read

How to encrypt email

By: Sovereign Insurance

Email encryption is the process of encoding your sensitive or private data so that it’s scrambled or inaccessible to unauthorized users. Encryption helps ensure confidentiality, protect against unwanted access to your email account, and prevent the interception of sensitive or personal information. It’s an important measure to put in place when communicating confidential information to help prevent a data breach. After all, if a hacker can’t read contents of the email, they can’t harm you with it.

What type of information should you encrypt?

Private, confidential information that should be encrypted may include bank and credit card details, financial statements, personal client information, passwords, security documents, and tax records – just to name a few. Unauthorized disclosure of this information could lead to financial loss or identity theft, so special care and preventive measures must be taken to protect it.

How does it work?1

Encrypted data is scrambled so that it’s illegible to anyone who doesn’t have the decryption key or password to ‘decode’ and access the information. ‘Keys’ are the digital codes that allow you to encrypt and decrypt messages. The information is coded and decoded as follows:

  • A public key is a digital code used to encrypt the email. The sender uses the recipient’s public key to scramble the email message. This key is stored on a key server that’s accessible to anyone. You cannot send an encrypted email to someone without access to their public key. 

  • A private key is a private digital code that the recipient uses to decode the email. It’s stored on their private computer.

There are two main types of email encryption methods: S/MIME (Secure/Multipurpose Internet Mail Extensions) and PGP/MIME (Pretty Good Privacy/Multipurpose Internet Mail Extensions). Here’s the difference:

  • S/MIME: 
    • relies on a centralized authority to pick the encryption algorithm
    • built into large web-based email companies such as Gmail and Outlook
    • key code is generated for you
    • relies on a decentralized authority to pick the encryption algorithm
    • offers more flexibility and control over how you want your emails to be encrypted
    • requires a third-party encryption tool

In order for the recipient to decrypt an email encrypted by the sender, both parties must use the same encryption method.

How to encrypt your emails

Before you send an encrypted email, be sure to let the recipient know in advance that you’re initiating an encrypted email conversation. And once all sensitive information has been shared, it’s important to close the confidential encrypted email thread by starting a new email conversation. This way future messages won’t be encrypted automatically, and you won’t inconvenience the recipient with the additional step of requesting a passcode. 

For details on how to encrypt your emails, refer to these resources for helpful instructions:

Other cyber security considerations

Email encryption is a great way to help protect the sensitive data you’re sending back and forth, but it’s just one tactic within a company’s overall cyber security strategy. In addition, it’s important to carry out robust cyber exposure analysis and work with your broker to implement proactive risk management solutions. 

1January 2, 2019. Panda Security Media Center. “How to Encrypt Email (Gmail, Outlook, iOS, Yahoo, Android, AOL)”. Retrieved October 26, 2020

To give you the best possible experience, we use cookies on our website. Read our Privacy Policy to learn more.