Encryption: consider five key points

In today's business world, email traffic brings with it numerous risks. Today, companies can protect themselves quite well against spam, but it is somewhat more difficult to prevent the intrusion and spread of malware. This requires complex measures. According to QSC AG, however, the greatest danger emanates from unencrypted business e-mail traffic, because anyone can read the information on the way from the sender to the recipient without much effort. If companies want to prevent this, they have to effectively protect their confidential e-mails. The FTAPI Software GmbH, a QSC AG company, names five important aspects:

1. sensitive data must be encrypted: Companies have invested a lot of money in spam filters, virus protection and firewalls to improve their IT security. However, e-mailing and the associated risks are largely ignored. If confidential data - and this affects around two-thirds of all business information - falls into the wrong hands due to theft, the result is quickly a high level of material damage and often also massive damage to the company's image. Effective, end-to-end data encryption raises the barriers and makes it as difficult as possible for attackers.

2. mere transport encryption is not sufficient: When there is talk of transport encryption via HTTPS, companies should be alert. Protection then only exists on the way from the sender to the servers of an e-mail provider. There, the data is in plain text, at least for a short time, and there is a risk of theft or manipulation. Transport encryption is not sufficient for the exchange of confidential data. It must be supplemented by additional procedures.

3. end-to-end encryption is essential: True end-to-end encryption only exists if the sender encrypts the confidential data on his end device, it remains unchanged on the entire path, and only the recipient converts it back into plain text with his password. An encrypted e-mail transfer in combination with a virus scanner does not meet this requirement, because this requires the data to be decrypted on the e-mail provider's server, creating a dangerous security gap.

4. ensure protection of data according to the public-private key principle: The principle of public and private keys provides an effective method for protecting data. Confidential data is encrypted with public keys that the provider of an encryption solution keeps in a central location. The sender encrypts an e-mail for a business partner with a public key, who decrypts the message with his private key. The private keys are also stored in encrypted form and are accessible via a password that is known only to the respective recipient of the e-mail.

5. encryption solution should be based on "zero knowledge": The "zero-knowledge principle" must be used for end-to-end encryption. It is considered by security experts to be a very efficient means against cybercrime. In this case, even the provider of an encryption solution or a cloud storage service have no access to the key management. They cannot obtain the key needed for decryption in order to gain insight into customer data.