Secure Email Alternatives

Email is like a post-it note in the lunch room: even though it may be intended for a single person, anyone with access to that room can take a look. This is particularly true of business email servers, as they are frequently the target of office snoops.

Two alternatives have emerge: first, encryption software, then web-based messaging services. However, both of these so-called “solutions” have languished in relative obscurity–at least in the business world–because of the barrier they created between the business and potential customers.

Email Encryption Software

Software solution tend to be very secure… if you could only get your contacts to install it! Good luck convincing your customers–or even your employees–to use any system takes time, effort, or learning, as it violates the first law of usability: “Don’t Make Me Think.” For instance, PGP–freely available for 10+ years–is probably the most popular email encryption software, and yet is rare in business because of the burden it places on contacts to download and install it before you can communicate.

The bottom line is this: consumers’ Gmail accounts are familiar and feel safe, and employees often see security measures as an obstacle to productivity. Even if you can get control of your wayward, web-mailing workers, customers just want to click “send”, and quickly will depart your website if prevented from doing so.

Web-based Messaging Services

Have you ever sent a message to a company via a form on their web-page? How about MySpace… do you have an account? If so, you’ve used a web-based messaging service.

Web-based messaging services take another approach, requiring only that you visit a web-page to communicate. Similarly to web-mail, you must sign in to retrieve your messages; but unlike web-mail, the message stays on a single, privately owned server rather than circumnavigating the globe in a network of SMTP server and routers (in a test, my email passed through 13 routers to reach Gmail–that’s 13 different places my message may now be stored, scanned and read!) . But although the “send us a message” page on corporate websites has become ubiquitous, two-way communication with the outside world remains illusive as consumers have been reluctant to abandon email. They are, however, being gradually converted to web-based messaging by some very popular social networking services…

I find it ironic that social networks like MySpace and Facebook–which thrive on the exploitation of aggregate customer info–are blazing the trail for public acceptance of web-based messaging. In fact, some of the appeal of MySpace to consumers is quite similar to the desires of business: a relatively spam-free way for anyone to contact you, and an automatically expanding network of trusted individuals with whom you have two-way communication. There’s just one thing it doesn’t have… a way to securely send a private message to any email address.

Secure Web-based Messaging To Any Email Address

This is the holy grail of electronic communications. Hushmail was one of the first popular messaging services using SSL web-pages which enabled their members to communicate securely with one another, and send links to non-members to view the same message in their web-browser. Their success was groundbreaking; unfortunately, the original clunky interface has changed little since the early days and, while cheap, has little appeal to serious business users.

The concept is still valid though, and plenty of other companies (LuxSci, Postini, ZipLip, and our own PrivacyHarbor, for example) are willing to add the business-class capabilities which Hushmail lacks. And, since services like Facebook demonstrate that consumers are willing to use private messaging services, the goal is clear: create a service that feels like familiar email, that can both receive and send secure messages to anyone (be they coworker or customer), and that satisfies the privacy and productivity concerns of business.

Predictions…

You’re going to see more and more companies begin to use web-based secure messaging services that feel and work like regular email. I predict that the success of these services will be found in there ability to emulate popular social networking sites in a more secure fashion, rather than in their ability to impress the email compliance departments of large corporations.

reddit | digg | del.icio.us

Explore posts in the same categories: secure email

Tags: email, PGP, privacy, secure email, security

You can comment below, or link to this permanent URL from your own site.