---

Consider encryption
software to keep
e-mail private

AS IF WORRYING about viruses, hackers, spam and spyware isn't enough to give you heartburn, the issue of e-mail security should also give you pause to reflect. The goal is to keep your e-mail unavailable to unauthorized individuals who might be interested in reading it.

The logic behind this is obvious. After all, you wouldn't want your personal letters posted up on a bulletin board for all to read, just the same as you wouldn't want strangers to hear your telephone conversations. What most people don't realize is that e-mail sent over the Internet without encryption is the equivalent of sending a postcard. Anyone with a modicum of technical prowess has the ability to read e-mail.

The solution to this is to implement a form of e-mail encryption -- that is software that will scramble your e-mail message to prevent people other than the intended recipient from seeing it.

Needless to say, you don't have to be a CIA agent to want to keep prying eyes out of your inbox. If you're an MD, a psychologist, a police officer, a banker or even an ordinary citizen, you can't compromise on security.

So how does encryption work? In order to use encrypted e-mail, you'll need software that will allow you to create two keys:

One key, the public key, is used to scramble e-mail contents. The other key, called the private key, unscrambles the message. The concept is to distribute or exchange your public key, which will enable others to send you e-mail that only you can unscramble. Since your private key is the only way to decode the messages, you'll want to keep that your secret.

An analogy might be something like this: Let's say that you have a group of people from whom you'd want to receive sensitive documents. You don't want anyone to read or tweak them enroute to your office, so you decide to distribute big fat locks and metal safe deposit boxes like you'd find at your bank. You're the only one with the key and only you have access the contents.

What type of encryption technology should you consider?

Many security professionals are fond of PGP, which stands for "Pretty Good Privacy" (www.pgpi.org). This is a standard that has been around since 1991 and has received a great deal of attention in the media because even the FBI can't crack it. There are a number of open source, shareware, and commercial versions of PGP. (Chances are you're not going to need the industrial strength version that Fortune 500 Corporations use).

Note that encryption is not just an issue with e-mail. With the preponderance of new USB flash drives, users should be concerned about these gadgets falling into the wrong hands. Fortunately manufacturers are responding to this.

---

.