Among the more common analogies used to describe an email sent across the Internet is that it is like a postcard that anyone can read along the way. However, an email or file sent in clear text offers much more exposure than a postcard because of the nature of transmission itself. When an email or file is sent it is copies to at least two servers, but often many more than that. These copies are sometimes included on backups at various points between the user and recipient. Content is inspected at various firewalls through which the email passes, exposing it to copying and interception. IT staff members at any of the points at which an email might be stored or through which it transits have access to these emails, perhaps using traffic monitors or packet sniffers that look for particular keywords or other content.

The problem, however, is not limited to just email systems. A growing number of organizations are turning to dedicated file transfer systems to address the growing number of files they send. Increasingly, these systems are a critical component of essential business processes in their own right, and content sent through these systems must also be encrypted to ensure the integrity of the information sent through them.

Read this white paper for a discussion of the key issues related to encryption for both email and file transfer systems, some of the leading statutes that require sensitive content to be encrypted, and suggestions for moving forward with encryption. This white paper also briefly discusses PGP Corporation and their relevant offerings.