Stop the LeakWhat Google Apps Admins Need to Know
About Email Encryption
Will Ackerly
Co-Founder & CTO
Introduction
Pulling Back the Covers: What You Need to Know
Alternative Approaches to Encryption
Virtru Demo
Point to Point (SSL)• Nice if your provider uses it, but can’t guarantee your recipient uses it
• Just because there is a green lock doesn’t mean it’s a secure communication
What Is Email Encryption? Point-to-Point
Encrypted
Content
Sender RecipientMail Client Google Server
Encrypted
Content Unencrypted
ContentUnencrypted
ContentUnencrypted
Content
Unencrypted
Content
Recipient’s
Mail Server
Mail Client
Encrypted
Pipe
? ?
May be
Encrypted
May be
Encrypted
Zix and Google Apps Message Encryption• Helps enforce point-to-point encryption
• Requires new account on a new system with distinct user name/password
What Is Email Encryption? Portal-based
Sender
Encrypted
Content
Mail Client
Plain Text
Content
Google Server
Plain Text
Content
Plain Text
Content
GAME Content
Server
Encrypted
Content
Mail Client
GAME Portal
Plain Text
Content
Encrypted
ContentLink to Portal
Recipient1st Interaction
Recipient2nd Interaction
Register Account
or Login
Virtru, PGP, S/MIME• Protection at rest and protection in transit
• Protects against compromised servers or lost clients
• Recipient must have access to encryption keys
What Is Email Encryption? End-to-End
Sender Recipient(Only Interaction)
Encrypted
Content
Stays Encrypted the Entire Time
Encrypted
Content
Encrypted
Content
Mail Client
Encrypted
Content
Google Server
Encrypted
Content
Encrypted
Content
Encrypted
Content
6
Tin Foil Hat Not Required
encryption becoming mainstream
Mainstream Encryption Requirements 7
Corporate Risk
CybersecurityRegulations
Regulatory Requirements 8
Doctor
Specialist
Hospital / Clinic
Health Records/PII Patient
Threat is that unprotected copies proliferate• Senders “Sent Items” on all your computers
• Recipients “Inbox” on all their computers
• Sender ISP/Company Servers
• Recipient ISP/Company Servers
Hacking and Surveillance 10
Identity Thief
Hacker
Sender Recipient
Cyber Criminal
Doesn’t Google Already do This for Me? 11
What Capabilities Are Required 12
Super Easy To Use
Anyone Must Be Able to Read
Give Senders Control of their Content
13
Virtru: Simple Email Privacy
As easy as Gmail
Protects emails and files
Send to anyone anywhere
Revoke, expire, control forwards
Control for Google Apps admins
DEMO OF VIRTRU FOR BUSINESS
What to do next 15
Try Virtru for Yourself
www.virtru.com
Try Virtru for Your Company
www.virtru.com/business
APPENDIX
17
Simple Email Privacy
Sender Recipient
(Only Interaction)
Client
ClientEncrypted
Content
Google SSL Connection
Server
Virtru Key Server
Encrypted
Content
KeyKey