What is Encryption?
When you send an email without encryption, it’s like sending a private message on a postcard – anyone who handles it can read its contents. At its core, encryption works by converting the readable data of an email into a scrambled format. Basically, the contents of that email turns into gibberish so that nobody can read it. The point is to keep the email private while it’s in transit from you to the recipient.
Even though most email services use some form of encryption for data in transit, this is not the same as end-to-end encryption. With end-to-end encryption, only the sender and the recipient can read the message. This method effectively prevents anyone else, including email providers, from accessing the content of your messages.
While many of us might feel that we have little to hide and aren’t overly concerned about others reading our communications, it’s important to understand how our information could be accessed. Encryption helps to safeguard our personal information, which may contain sensitive details about our personal finances, family matters, or other private information.
Encryption works by installing software on your computer that lets you generate two digital keys. One key is a public key that you can make available to anyone who might want to encrypt a message and send it to you. The other key is your own private key that lets you decrypt the messages you receive.
Data Vulnerability
If emails aren’t properly encrypted they are vulnerable to exploitation. Free email services such as Gmail or Yahoo have the ability to scan the contents of your emails, and they often give third party developers access as well for advertising purposes. It’s how they make money. Read our blog post about free email services.
Assumed Surveillance
Given that certain agencies monitor internet communications, it’s prudent to assume that anything you send via email could be intercepted. Yes, governments snoop on us. They may collect and store vast amounts of data, and encryption acts as a safeguard against such surveillance. By encrypting your emails, you can communicate freely without the anxiety of being monitored or censored by authorities.
Control Your Privacy
By managing your own encryption, you take control of your data privacy. In case of a data breach, encrypted emails remain unreadable to unauthorized individuals, reducing the risk of sensitive information being compromised. Rather than relying on anyone else to protect your information, you can ensure that it remains confidential.
1. Between You and Runbox
When you use Runbox Webmail, every email you send or receive is encrypted during its journey between your device and our servers. This ensures that data is always secure in transit between you and Runbox’s servers, and between Runbox’s servers and the recipient. This encryption safeguards your messages from potential interception, ensuring that your communications remain confidential.
If you prefer to use an email client like Outlook, Thunderbird, or Apple Mail, you can still enjoy the same level of security by connecting through our mail.runbox.com server. This means your emails are encrypted during transfer, providing peace of mind whether you’re accessing your inbox via web or client.
While your emails are encrypted during transfer, it’s important to note that they are not currently encrypted while stored on our servers. However, because our servers are housed in a highly secure facility in Oslo, Norway, there are stringent measures to protect your data. Not only is your data protected by the strict privacy laws in Europe; our servers are housed in a highly secure data center. You can read more about our commitment to security and details about our privacy protections.
2. Between Runbox and Other Email Services
When our servers handle emails sent to and from other email providers, we always aim to establish a secure, encrypted connection. This process begins when our server “asks” the recipient’s email service if it can use a secure connection. If the other server agrees, your email is transferred securely, shielding it from prying eyes.
However, not all email services support secure connections. If the recipient’s email server can’t accommodate this, your email will be sent using standard protocols. In this case, unless you encrypt the email content yourself, there’s a risk that it could be read if intercepted during transmission.
It’s crucial to understand that while we make every effort to use secure connections, Runbox has no control over the email services you correspond with. Therefore, while this secure transfer facilitation is beneficial, it’s not a complete guarantee of privacy.
3. Additional Protection of Your Email
If you don’t want anyone to be able to access your emails, end-to-end encryption ensures that only you and your intended recipients can read the content of messages. There are two popular methods for encrypting email this way; PGP and S/MIME. Runbox supports both standards, which can be used with an email client or with Runbox Webmail. These are free and open source. Here is an overview.
– PGP (Pretty Good Privacy):
PGP is the easiest encryption standard to get started with. It is based on a “web of trust” because it only involves the sender and recipient, and assumes that they trust each other. Both sender and recipient must have PGP installed, and messages are encrypted using the recipient’s public key. Despite the name, PGP is considered to be cryptographically very strong and is probably the most popular email encryption standard today. To get started with PGP, see our Encrypting and Securing Email Using OpenPGP help page and https://help.runbox.com/using-openpgp-some-things-you-need-to-know/.
– S/MIME: Secure/Multipurpose Internet Mail Extensions:
S/MIME requires a digital certificate from a Certificate Authority. While it offers strong security, it can be more complex to set up than PGP. The functionality is built into most major email client programs. Both parties must have an S/MIME enabled email client. This method is also based on a “chain of trust”. A certificate obtained from a Certificate Authority validates the sender’s identity and makes the public key available to others.
– Mailvelope
Mailvelope is a user friendly browser add-on for Firefox and Chrome. The extension enables users to encrypt and decrypt emails using PGP (Pretty Good Privacy) directly within the Runbox Webmail. It provides a simple interface for managing encryption without needing extensive technical knowledge. You can install the Mailvelope extension from the Chrome Web Store or Firefox Add-ons. Then you can generate a PGP key pair (public and private keys) through Mailvelope. Here’s how.
Final Thoughts
Encryption can be a vital tool for protecting your communications. At Runbox, we strive to make it as straightforward and secure as possible. By understanding the layers of protection we offer, you can take proactive steps to ensure your emails remain private. By adopting end-to-end encryption practices, you ensure that your emails remain confidential and secure from unauthorized access.
Runbox has a pretty extensive help section that will help guide you in setting up encryption for your email. We encourage you to check it out because this is a blog post and we can’t include everything here!
See Encrypting Your Runbox Email for an overview of email clients that you can use and their encryption support.