According to a 2012 study by the German interior ministry, email is the most popular communication technology and is used by 98% of SMEs. But, only 18% of SMEs actually encrypt their emails. Since Edward Snowden’s revelations however, this number has changed dramatically. A recent study from QSC and techconsult indicates that now nearly two thirds of SMEs have installed some kind of encryption technology. Despite this rapid increase in encryption technologies, only half of the employees actually bother to encrypt emails. This means that most encryption solutions are client based and the responsibility for encrypting emails lies solely with the end user – a risky business in the light of compliance conformance where the directors are personally liable.
Small and medium sized enterprises often deploy client based solutions which are relatively cheap or even free. The day to day use of such solutions however requires a high level of expertise. If the employees are not trained accordingly almost no encryption takes place. As some IT experts might joke – the problem exists between the chair and the keyboard. It is not that employees do not want to encrypt emails or have some hidden agenda – it is simply that client side email encryption is complex and error prone.
Investing in a field-proven central gateway solution for email encryption makes sense for large corporations but even more so for SMEs. Small specialised enterprises are often viewed as easy targets for industrial espionage and cyberspying. Furthermore, it is SMEs who do not usually have large IT departments who profit the most from solutions which can be deployed quickly, are simple to administer and are highly automated.
The Z1 SecureMail Gateway from Zertificon – which is now in its 4th generation – uses central policies to guarantee automated encryption without any end-user intervention or commands. The gateway can be configured to encrypt every single email which leaves the organisation or can be limited to specific recipient addresses or content. Compliance rules can be simply applied throughout the organisation and without exception.
The Z1 SecureMail Gateway looks after the complex key management including the creation and publication of internal keys and certificates. In addition, the acquisition and validation of external keys is fully automated by the gateway. Encrypted communication with recipients who do not have their own key, is facilitated with encrypted PDFs or an ad-hoc webmail inbox. Naturally Z1 SecureMail Gateway supports TLS and external email encryption services such as De-Mail.
Deploying a gateway means that employees do not have to be trained and along with system administrators can concentrate on their core activities. Directors have the peace of mind that a state-of-the-art solution is permanently delivering security and compliance conformance.