Video Screencast Help
Encryption Blog

How to Prevent People Peeking at your Gmail

Created: 20 Jan 2010 • Updated: 05 Nov 2012
Brian Tokuyoshi's picture
0 0 Votes
Login to vote

Google Gmail has become a phenomenally popular service, with a user base estimated in excess of 150 million.  In addition to its popularity with consumers, Gmail has been gaining ground as a service for commercial users as well. One notable instance is the City of Los Angeles, which is spending $7.25M to move 30,000 email users to the Gmail platform. As more organizations start to take a cloud-based approach to their IT computing services, the need for enterprise-managed security starts to become apparent.

Last week, Google announced that its Gmail service was the target of an attack and that certain users may have had their email accounts compromised. In recent days, there has been a lot of interest in how to improve email security, especially when such services are exposed to the Internet and subject to attack from anyone online.

Google took the first step and announced that it will make access via HTTPS the norm rather than the exception, which will help protect users from the hackers at the coffee shop sharing the Wi-Fi connection. For enterprise users, however, HTTPS is not enough, because there must be protection for the data itself.  The best approach to implementing strong security for email is the use of end-to-end encryption, such as with PGP® Desktop Email. The implementation of cryptography makes email services safe from interception by any party in between.

PGP Desktop Email protects email from the time it leaves the sender’s computer all the way until it reaches the recipient. Nobody in between can read or modify its contents. Some of the reasons that our customers choose PGP Desktop Email include:

  • Support for Internet email services such as Gmail, as well as commercial platforms like Microsoft Exchange and Lotus Notes.
  • Works with any standards-based email client because it operates like a network proxy. It doesn’t require installing plugins in the email client.
  • Policy management and data recovery through deployment in conjunction with PGP Universal Server.
  • Based on open standards, so users can securely exchange email to other implementations of OpenPGP software.
  • Automatic support for the PGP Global Directory, which hosts a user’s public key to facilitate encrypted email exchange and signature validation.

Here’s how I use PGP® Desktop with Gmail.  I’m partial to Mozilla Thunderbird email client, but the process is similar when using other email clients.

Here’s my configuration in Mozilla Thunderbird.  Note that this is just plain vanilla stuff – PGP Desktop Email doesn’t change anything in the client.

pic1a

With PGP Desktop Email, I created a profile that identifies my email account and lets me fine tune some additional security settings. In lieu of this step, there’s also an option for using a wizard that automatically configures settings the first time the user accesses email.

pic2a

Looks like my new user (pgpdesktopuser@gmail.com) received a new encrypted message.  Since I published my test user’s key in the PGP Global Directory, PGP Desktop Email automatically looked up the key to use.

pic3a

Suppose that I’m migrating from Thunderbird to Microsoft Outlook.  I don’t have to change anything in PGP Desktop Email, all I have to do is fire up my Outlook client.  The encryption is transparent to the email client.

pic4a

That’s it in a nutshell. In summary, PGP Desktop Email is an easy way to provide strong security for hosted email services such as Gmail. PGP Desktop Email takes the risk out of using a cloud-based service by ensuring that data stays private all the way until it reaches the intended recipient.

PGP Desktop Email complements Gmail nicely through its POP/IMAP interface, and can be used both standalone (for home users and small offices) as well as with PGP Universal Server for large scale deployments.

For more information about using PGP Desktop with Gmail, see the information on the PGP Customer Support site.