Signatures and encryption

E-mail encryption methods (such as S/MIME, PGP, proprietary Web mail portals, and so on) to protect e-mail both within an organisation and externally are increasingly used.

General introduction problems

Encrypted e-mail is no longer searchable. Users can no longer retrieve past e-mails based upon message text keyword searches.

Some users respond by turning e-mail subject lines into more descriptive headings that can be more easily found using keyword searches, but at some point, senders begin to reveal information that should probably be protected within the encrypted body, defeating the purpose of encryption.

For security operations it can be a horror scenario. Encryption defangs antivirus scanners, DLP (data loss prevention) tools, and e-mail archiving and retrieval systems. Outgoing email can be scanned before encryption, but for incoming messages, where the scanning is done on a gateway or by an external service provider, this can be problematic.

In short, it conflicts with many other possible defences.