Basic Email Traffic EncryptionBeits Livneh
Make (or not…) tons of money from advertising these guys: Cox, Gmail, Yahoo, and even AOL (yes… some people still use AOL…)
Recently a solo attorney contacted me for consultation regarding his Email service.
He’s using Cox for his Email service, and had a couple of questions.
- Am I secured enough and am doing justice with my customers if I use Cox?
- What are the alternatives?
Before I give the TECHNICAL answer, I wanted to explain to him (and you… dear readers…) that you will NOT be paid any marketing dollars from those companies, by promoting their names. Cox, like Gmail and AOL etc, get THEIR NAME out there, every time you send and email from your (their…) account. People see yourname@THEIR_COMPANY.com , instead of yourname@YOUR_LAW_FIRM_NAME.com . why would you advertise THEIR name instead of yours?
The second question I had for him was-
What would you feel like, if you want to a marketing company that users AOL or Gmail as their email address, and don’t even have their own domain name (@TheirCompany.com) ? on a marketing standpoint, it makes you look like a second class business that can’t afford $10/ YEAR domain name fee… it just looks bad, whether you like it or not…
THE TECHNICAL PART…
Am I secured enough using COX as my email address using Outlook?
The answer is NO, unless you have your incoming and outgoing mail servers on outlook (or whatever email client program you use. Yes Mac people… if iMail…) configured to use “SSL” or “TLS”.
SSL and TLS are secured/encrypted ways for your mail client (program) to connect with your mail server/ provider.
Here is an example:
iMail is set up with your Cox account, so it’s set up to check for new emails on “POP.COX.NET”, and to send emails using “SMTP.COX.NET”.
when you set up those incoming and outgoing mail servers, you should click on the “advanced” or “more settings” (depends on your program), and change the PORT numbers and encryption methods to use SSL. Here is how outlook shows it:
NON-SECURED (this is what outlook will set up automatically for you…
As opposed to:
SECURED method: this is where you want to change it to SSL/ TLS:
By changing the encryption to SSL / TLS, you basically encrypt the COMMUNICATION between your computer (or iPad, phone, etc) , and the Email server you use (like Gmail or Cox).
How do you know if your provider suppots SSL/ TLS, and what are the settings?
- Google it… as simple as that… 🙂
- For example- here is a page that will show you how to set up a secured, encrypted connection to your Cox account:
Services that are higher-end with features and financially established company, like Gmail and Yahoo, will FORCE your device/ program to use SSL in some cases, or will configure it automatically for you…
(Unfortunately, Cox has issues with their outgoing SSL/ TLS service, so we couldn’t get it to work. I called Cox after I hung up the phone with my customer, to ask if there are known issues. The technician said it’s usually an issue when people try to use SSL with the free Cox connection… )
Once we found that Cox won’t allow us to give the VERY BASIC PEACE OF MIND that we need to have, and that attorneys should consider to ethically protect their customers’ data, we decided to find a different solution.
What are the alternatives?
Besides the fact that Cox is not paying this person (or any of us…) to promote their business, we also want to make sure we have CONTROL over the email service, and the NSA etc…
Google and Yahoo, being VERY advanced and have great product, will offer their own benefits and security, but for basic user and for the encryption that we need to add, we needed to be a little more creative…
As a solo practice, that is still starting up, this person did not want to invest in a rebust solution that will cost lots of money. He wanted something affordable, but SECURE.
Here is what we came up with:
I referred my customer to my friend Michael, the owner of NetMoreNow (http://netmorenow.com/services) who offer 5 YEARS of hosting, for $50 !
This service will include Email hosting, and will offer my customer the ability to connect using secured SSL encrypted connection, to send and receive emails, to and from customers.
All he needs besides that is a domain name (Michael can help with that too, like many other places online), which cost $10 or so/ year…
Cox has limitation of mailbox size, they have very low-end back end features and flexibility, and if you move to an office/ home that doesn’t have cox- you are SOL… (or have to pay them $120/ year to keep your email account…)
Get your own domain name if you don’t have one already. Market yourself, and not YAHOO or Cox… Have the flexibility to encrypt your connection and add rules, features etc…
And more than anything- be smart like this customer who asked for our advice: he heard what his Ethics CLE instructor told him about Email protection… he asked a question, and he got a VERY affordable solution to implement.
By the way- he submitted his questions initially on our “ask us anything” portion on our website. Check it out and submit your own question, to get your own complementary consult/ recommendations!
We’re here to help…
PS- I’d like to add that this method is NOT a way to send your customers protected/ encrypted files/ emails… the SSL/ TLS encryption I describe above, is meant to protect your communication between your device, and the mail server you are using… once your email is delivered to the recipient, he can open it without having to “decrypt” it… to send secured / encrypted messages to another person, you will need a more robust solution… contact me if you have more questions about this part…