top | item 46259092

(no title)

The US federal government issues its employees smart cards (Common Access Cards) that contain digital certs. Government employees can use these to send and receive S/MIME encrypted emails. That's a couple million users!

Our small company has been encrypting all emails by default with S/MIME for 15-20 years. A company can generate its own certs for free from a company root cert, use a provider like Sectigo for $20/year, or get US Government ECA certs for about $100/year.

You can read encrypted emails on company-managed mobile devices that have Knox chips to secure access to the certificate. We're careful to back up all our old keys so we can always read old emails.

Some drawbacks are:

- Email "search" features only see the subjects, not the contents, of encrypted emails.

- You can't read encrypted emails via web email.

- Few others have S/MIME certs. Most major government contractors seem confused when we ask about encrypting emails with them...

Johnny may not encrypt, but every business really can.

discuss

No comments yet.