[SLUG] GPG key signing party
David Knight
pandmscardk at googlemail.com
Thu Mar 13 13:24:42 GMT 2008
Stephen O'Neill wrote:
> David Knight wrote:
>> should I be worrying about the lack of encryption in emails staff are
>> sending to each other?
>
>
> Full on encryption may be overkill. However simply signing may be
> useful as it would allow you to verify that the sender is who they say
> they are and that the message wasn't tampered with along the way
> (including viruses being attached).
>
> Sending signed to customers should be done with caution if they might
> be using Outlook Express as they may grumble about the presentation of
> the emails.
>
I'm using the Thunderbird Profile Manager with IMAP gmail accounts, the
password to which the user can alter to his/her preference. I'm not sure
if this is a particularly secure solution but it was easy to setup and
allows multiple users to access their messages from within and without
the three buildings.
Of course the majority of the traffic is boring irrelevant pap as is the
way with company email. I'm just a little concerned about the
possibility of unencrypted confidential client data being intercepted
which I believe is covered by the data protection act. Signing relevant
messages sounds like the way to go. That way the majority of the
messages can be unencrypted, only the sensitive information encrypted.
Time to search for plugins...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/scarborough/attachments/20080313/a341ecf5/attachment.html
More information about the Scarborough
mailing list