Print

Print


Encrypting e-mail in my definition would be encrypting the contents so only 
the recipients will be able to decrypt and read it. The context is 
administrators and and staff exchanging sensitive information like SSNs to 
perform the business of the university like making sure you are paid. 
Working with HR and Payroll types, this is a real issue for people doing 
their jobs. It will be a major project to get this working so all admin 
types are able to use it. It almost has to be seamless and work with all 
e-mail clients used on Campus. If not some folks may need to change e-mail 
clients and you know what the word change does to some folks. 

Yes there is the question of forwarding the e-mail and how do you handle the 
original message. I would assume encrypt the entire message to include the 
original so the new recipient could decrypt and read it. 

The other issue is how the e-mail is stored on both servers and local PCs. 
It should be store encrypted and only decrypted when read. That could 
eliminate some of the exposure we have of sensitive data on workstations. 

Rick 

John Valenti writes: 

> Rick, 
> 
> MSU's central email system has used encryption since the re-design of  
> a few years ago. POP, IMAP and the web interface all use encrypted 
> connections. 
> 
> The mail isn't encrypted on the mail servers, maybe that is what you  are 
> asking about?   I haven't seen a big need for that, at least in  our 
> department.  
> 
> Perhaps this would be a good reason to suggest not forwarding email  
> to another system (or to keep all participants within mail.msu.edu). 
> 
> -John
> LIR 
> 

I'm not aware of any e-mail systems encrypting locally stored e-mail
messages. I know that Google doesn't from our presentation this week. Its
true that we can transmit data to mail.msu.edu encrypted, and as you pointed
out the weak point is the e-mail to e-mail server connections. 

It sounds like someone would like a PKI, public key infrastructure, for
encrypting individual messages. Implementing a PKI for campus would be a
large project to undertake. 

 -Ed