Automatic email signing & encryption

E-mail signing focuses on verifying the authenticity and integrity of the e-mail and protecting against rejection, while e-mail encryption primarily ensures the confidentiality of the e-mail content. Both mechanisms play an important role in e-mail security, but they deal with different aspects of securing e-mail communications.

E-mail signing ensures e-mail authenticity and integrity by verifying the identity of the sender and revealing any tampering during transmission. It provides non-repudiation, preventing the sender from contesting the sending of the e-mail. E-mail signing builds trust by verifying the signature with trusted certificate authorities, reducing the risk of fraud. It helps fight e-mail spoofing and phishing, protects sensitive information, and reduces the likelihood of falling victim to scams.

While e-mail is a widely used method of communication, it has inherent vulnerabilities that can compromise the confidentiality and security of your messages. Without encryption, the content of your e-mails is transmitted in clear text that can be intercepted and read by malicious actors or unauthorized persons. E-mail encryption protects the confidentiality of your e-mails by turning them into an unreadable ciphertext that makes it difficult for unauthorized persons to access the content. It protects sensitive information and helps with regulatory compliance. In the event of e-mail breaches, encrypted e-mails provide an additional layer of protection that mitigates the effects of unauthorized access. Encryption allows recipients to verify the authenticity of the message, increasing trust in the communication. It also protects against man-in-the-middle attacks and ensures the integrity of content in transit.

Indeed, using DMARC, DKIM and SPF (Sender Policy Framework) is good practice for e-mail security and can help protect against e-mail spoofing and phishing attacks. These mechanisms are primarily aimed at verifying the authenticity of the sender's domain and preventing unauthorized use of your domain for e-mail purposes. While they provide important security measures, they do not address the confidentiality of the e-mail content itself. Email signing and encryption serve different purposes and provide additional layers of security.

Thanks to the patented GINA process, users of the SEPPmail Secure E-Mail Gateway can send encrypted e-mails to recipients who do not use encryption software or do not have an encryption key. They call it GINA on-the-fly Encryption. The GINA method encrypts e-mails using the latest and most secure public key standards and does not require any software installation on the sender's or recipient's side. The encrypted e-mails can be received in the normal e-mail program and decrypted by entering a password. This patented method is unique worldwide and has brought SEPPmail several technology awards. It enables a secure and confidential exchange of information in the simplest possible way.

The GINA portal of Naveum's SEPPmail service is hosted in Naveum's highly secure data centers in Switzerland.