Gmail TLS Email Encryption – is it good enough?
Major cloud email services such as Gmail and Yahoo Mail announced their use of TLS about two years ago (TLS is transport layer security – a type of encryption that can be applied to email transmissions). Both services announced they would send email (and attachments) using TLS whenever possible – which means – whenever the receiving email service or server is configured to accept TLS encrypted email.
For the average user – this is a good thing. We certainly hear enough these days about unsecure email and exposure of private conversations – so we should all be thinking about using a secure email service just to keep our communications private. After all – if we wanted them to be public – we could always post them on Facebook! And private conversations can cause harm if exposed to the wrong people – even if there’s nothing nefarious being disclosed regarding our business or personal dealings.
As noted – TLS has been the default transmission policy for Gmail for at least two years – but it was just brought to my attention that you can check if a Gmail message is sent or received using TLS by clicking on the ‘details’ of the message. It looks like this:
Gmail offers details of what TLS encryption is and how it is applied – ‘Learn More’ will take you to a page that describes what is happening when Standard (TLS) encryption is being used:
“TLS is being adopted as the standard for secure email. While it’s not a perfect solution, if everyone uses it, snooping on email will be more difficult and costly than it is today.”
‘While it’s not a perfect solution’ – this means it’s applied ‘opportunistically’. If the far end email service/server is configured to accept TLS – great – everything is secure end-to-end. If not – it drops back to unsecure delivery – and the risks of exposure that presents.
Gmail links to another page that goes into more detail about how TLS works – and again notes that it’s not going to work all the time:
“Whenever possible, Gmail protects your info by using Transport Layer Security (TLS) to automatically encrypt emails you send or receive. TLS doesn’t work with messages from some email services.
If you’re on a computer or Android device, you’ll know an email is not encrypted when you see the No TLS icon. It looks like an open red padlock.”
SafeTLS Trumps Opportunistic TLS Email Encryption
Where Gmail’s ‘opportunistic TLS’ is good, DataMotion SafeTLS is better. As an overlay to virtually any email service or address, SafeTLS checks the availability of TLS email encryption before it sends the message – and if it is not available, it falls back to an alternative email encryption method that is not dependent on the recipient’s email service or server – so it always works.
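The two delivery policies described above can be compared in code. This is an added example, not Gmail's or DataMotion's implementation: it parses a raw SMTP EHLO reply for the STARTTLS keyword and picks a route under each policy. The sample replies, the host names, the policy names and the route labels (including `fallback-encrypted`) are constructed for illustration.

```python
import smtplib
import ssl

# Constructed sample EHLO replies in raw wire form (not captured from real servers).
WITH_TLS = "250-mx.example.net at your service\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 SMTPUTF8\r\n"
NO_TLS = "250-mail.example.org\r\n250-SIZE 10240000\r\n250 8BITMIME\r\n"

def parse_ehlo_extensions(ehlo_reply):
    """Return the upper-cased extension keywords from a multi-line EHLO reply."""
    extensions = set()
    # The first line is the server's greeting, not an extension, so skip it.
    for line in ehlo_reply.strip().splitlines()[1:]:
        # Extension lines look like "250-KEYWORD args" or "250 KEYWORD args" (last line).
        if len(line) < 4 or not line.startswith("250") or line[3] not in "- ":
            continue
        words = line[4:].split()
        if words:
            extensions.add(words[0].upper())
    return extensions

def choose_route(ehlo_reply, policy):
    """Pick a delivery route; policy is 'opportunistic' or 'require-tls' (assumed names)."""
    if policy not in ("opportunistic", "require-tls"):
        raise ValueError("unknown policy: %r" % policy)
    if "STARTTLS" in parse_ehlo_extensions(ehlo_reply):
        return "smtp+starttls"
    # No TLS offered: opportunistic delivery continues in cleartext, while a
    # check-before-send policy diverts to an encrypted alternative instead.
    return "smtp-plaintext" if policy == "opportunistic" else "fallback-encrypted"

def probe_starttls(mx_host, timeout=10.0):
    """Live version of the check: True only if mx_host offers STARTTLS and the
    handshake succeeds with certificate and host name verification."""
    context = ssl.create_default_context()
    try:
        with smtplib.SMTP(mx_host, 25, timeout=timeout) as server:
            server.ehlo()
            if not server.has_extn("starttls"):
                return False
            server.starttls(context=context)
            return True
    except (smtplib.SMTPException, OSError):
        return False
```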
SafeTLS gives users and recipients the best of both worlds. TLS is great because it is virtually transparent to the sender and recipient – it just works, and there’s no complexity to receiving the message or attachments. But to be really confident your message is secure (READ COMPLIANT!) – SafeTLS is the way to go. Yes – there’s a small cost to have it. But exposing your secrets, or the regulated information of a patient, partner, or business associate – can cost a whole lot more – in reputation, notification costs, fines or intellectual property loss.