idcloak on Google+


More options
Proxy server settings:


The Top 12 Features of a Secure Email Service (9-12)


Part IV of Email Secure Server: 12 Must-Have Features

9. Allows communication with non-service users: Communicating securely shouldn't be limited to people using the same service. A secure email service should allow you to send and receive messages from users of other email services that don't use encryption. This ease of use means that you can use the secure email service as your primary service and not have to jump back and forth between email accounts when you do want to send a regular email.

Descriptive Image

10. Challenge-Response Authentication Method CRAM: No matter the length and complexity of a password or the security characteristics of the log in process, an eavesdropper can capture a password and use it to access your account. However, with Challenge-Response Authentication Method, your password is never sent in clear text over the Internet – it is never sent at all. When you want to sign in to your email, the secure email server generates a random number and sends it to you. You encrypt the number with your password and send it back to the server. The server also encrypts the same number with your stored password, and if they both match, then the server will accept your request and you'll be allowed to access your email. So the only thing passing over the Internet is the encrypted random number that changes each time you log in to your email account.

11. Two-Factor-Hardware Authentication: To make this even better, you can store your private key on a special USB stick –a hardware token– which means your encryption is portable and you're able to use it where ever you go and on whatever computer you use. And because the key resides on the token, all of the encryption and decryption happens there, not on the computer. It is all done with specialized hardware, meaning that if your computer or the one you're using for the moment is infected with a trojan, there's no way for it to access or extract your private key.

12. Good customer service: Quite a few of the secure email providers have made it big with great promises and services, and then quickly lost a great deal of their clients for good reason: poor or non-existent customer service. An email service, especially one you pay for, should have a high quality customer service department to help you with anything you need. If you have any questions or problems, they should be resolved quickly and effectively and you should be able to reach live support at any time. Remember, you're paying for the security of your email and good service, and you should get just that.

Written by: 
Robin Welles; expats team, internet security team