View
575
Download
0
Category
Tags:
Preview:
DESCRIPTION
This presentation provides a brief overview of alternatives email encryption for Google Apps. Presented at GCON 2014, Virtru founder Will Ackerly reviews the emerging need to secure email and offers an overview of alternative approaches.
Citation preview
Stop the LeakWhat Google Apps Admins Need to
Know About Email Encryption
Will Ackerly
Co-Founder & CTO
Introduction
Pulling Back the Covers: What You Need to Know
Alternative Approaches to Encryption
Virtru Demo
Point to Point (SSL)• Nice if your provider uses it, but can’t guarantee your recipient
uses it
• Just because there is a green lock doesn’t mean it’s a secure communication
What Is Email Encryption? Point-to-Point
EncryptedContent
Sender RecipientMail
ClientGoogle Server
Encrypted
ContentUnencrypte
dContent
Unencrypted
Content
Unencrypted
Content
Unencrypted
Content
Recipient’sMail Server
Mail Client
EncryptedPipe
? ?
May be Encrypted
May be Encrypted
Zix and Google Apps Message Encryption• Helps enforce point-to-point encryption
• Requires new account on a new system with distinct user name/password
What Is Email Encryption? Portal-based
Sender
Encrypted
Content
Mail Client
Plain TextContent
Google Server
Plain TextContent
Plain TextContent
GAME Content Server
Encrypted
Content
Mail Client
GAME Portal
Plain TextContent
Encrypted
Content Link to Portal
Recipient1st Interaction
Recipient2nd Interaction
Register Accountor Login
Virtru, PGP, S/MIME• Protection at rest and protection in transit• Protects against compromised servers or lost clients• Recipient must have access to encryption keys
What Is Email Encryption? End-to-End
Sender Recipient(Only Interaction)
Encrypted
Content
Stays Encrypted the Entire Time
Encrypted
Content
Encrypted
Content
Mail Client
EncryptedContent
Google Server
EncryptedContent
EncryptedContent
EncryptedContent
6
Tin Foil Hat Not Required
encryption becoming mainstream
7Mainstream Encryption Requirements
Corporate Risk
CybersecurityRegulations
8Regulatory Requirements
Doctor
Specialist
Hospital / Clinic
Health Records/PII Patient
9Information Leaks
Customer List
Competitor
Sales Repbill@yourcompany.com
Sales Repbill@gmail.com
10
Threat is that unprotected copies proliferate• Senders “Sent Items” on all your computers• Recipients “Inbox” on all their computers• Sender ISP/Company Servers• Recipient ISP/Company Servers
Hacking and Surveillance
Identity Thief
Hacker
Sender Recipient
Cyber Criminal
11Doesn’t Google Already do This for Me?
12What Capabilities Are Required
Super Easy To Use
Anyone Must Be Able to Read
Give Senders Control of their Content
13
Virtru: Simple Email Privacy
As easy as Gmail
Protects emails and files
Send to anyone anywhere
Revoke, expire, control forwards
Control for Google Apps admins
DEMO OF VIRTRU FOR BUSINESS
15What to do next
Try Virtru for Yourself
www.virtru.com
Try Virtru for Your Company
www.virtru.com/business
16
Simple Email Privacy
Sender Recipient(Only Interaction)
MailClient
MailClientEncrypted
Content
Google SSL Connection
GoogleServer
Virtru Key Server
EncryptedContent
KeyKey
Recommended