How secure is e-mail?
The short answer is “It depends”.
- An e-mail message sent from one member of the UHCL community to another can be considered reasonably secure, but only if both connect directly to the University's Exchange server using Outlook or Webmail, and the recipient is not forwarding email to an non-University e-mail account.
- An e-mail message exchanged between a member of the UHCL community and someone using an account on a non-UHCL e-mail system is definitely insecure.
E-mail exchanged between two UHCL users
Standard e-mail systems, such as Microsoft Outlook/Exchange, transfer e-mail in a reasonably secure manner as long as the e-mail message remains within a single email system. When an e-mail message is sent from Outlook (or Webmail) on a UHCL sender’s computer to the University’s Exchange “post office” server in our data center, it is transmitted in an encrypted, unreadable form. Once the UHCL “post office” server receives the e-mail, the e-mail is decrypted before being stored in the UHCL recipient’s Exchange mailbox in a readable form. When the recipient retrieves the e-mail message from the server, the message is again encrypted on its way from our internal “post office” server to Outlook (or Webmail) on the recipient’s workstation. In a nutshell, the contents of a UHCL-to-UHCL e-mail message cannot be read on the network itself.
One might ask at this point whether someone could view an e-mail message while it is sitting unencrypted on our “post office” server. The answer is yes - with the right system privileges, e.g., system administrators. The security industry as a whole acknowledges this fact and have developed “best practices” to mitigate the risk, and we at UHCL strongly support these best practices.
E-mail between a UHCL user and a person using an off-campus e-mail system
The exchange of e-mail messages between users of UHCL email and those using an external email system, such as a public e-mail service or the e-mail system of another organization or agency, is considered NOT secure by virtually every expert in the field, unless the e-mail exchange is augmented with end-to-end encryption software. The reason is that, because there are millions, if not billions, of email users world-wide across thousands of email systems, the world-wide email infrastructure is stuck using an inter-post-office email exchange system that dates back to the 1950’s when the implementation of security controls was not a high priority. As email travels from one “post office” to another, it is completely readable and modifiable by anyone who can access any computer or piece of networking equipment between the sender and the recipient. Unlike UHCL-to-UHCL e-mail where we know a lot about our own security standards and practices, we have no idea about the security of the many e-mail and inter-networking services outside of our campus.
How have people addressed the inter-post office security issue? The typical answer is that virtually all organizations advise against sending any sensitive information via e-mail – many experts would rather that you FAX it. Nonetheless, there are a few products available that allow the sender to encrypt the contents of an e-mail message before it leaves her or his computer, and allows the recipient to decrypt it only after it is received, but these products must be installed on each participating computer and may involve licensing or subscription fees for both you and any recipients with whom you intend to exchange e-mail. The less expensive products are quite awkward to use. The more expensive ones integrate with common e-mail systems very seamlessly. If sending or receiving secure e-mail to/from off-campus recipients is something that you require, contact the Information Security Office through the UCT Support Center at extension 2828 or email@example.com for guidance on an appropriate solution.