ENCRYPT YOUR EMAIL
MAKE SURE YOUR EMAIL PROVIDER SUPPORTS SECURE METHODS FOR SENDING AND RECEIVING EMAIL.
For webmail providers, that means ensuring you’re always logging on through https:// to prevent your password being sniffed out by hackers. In the case of major providers such as Google, this should now be the default, but also look for other ways in which to protect your account — see the ‘Protect Online Accounts’ box over the page.
If you use a traditional email account, check with your provider that it supports SSL, the protocol that establishes a secure connection, and verify you’re using those settings in your email program to send and receive messages. This ensures that your username and password are encrypted when sent to or from the server.
As things stand, however, the content of your email isn’t encrypted during transit, and is easily readable. If your mail provider supports TLS, it’s possible to encrypt emails you send to and receive from other email providers that they also support TLS. Taking Gmail as an example, the feature is enabled by default, but look for an open red padlock when composing emails — this indicates that the receiver doesn’t support TLS, so the conversation won’t be encrypted. Check with your email provider to see if TLS is supported, and what settings you need to apply in your client app, and check to see if it’s able to make it clear which conversations are encrypted and which aren’t.
If you want to go further (with co-operation from other individuals), look at implementing PGP mail encryption. This encrypts the mail before it’s sent, and then the recipient uses PGP at their end to decrypt the mail once it arrives. Wizards make it relatively easy to set up, but Google your email client (or webmail provider) and ‘pgp’ to find out more.