Go Back > Discussions about Email Services > The Technical Zone...
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

The Technical Zone... The Geeky forum... Use this forum to discuss technical aspects of email, from authentication protocols to encryption.

Thread Tools
Old 3 Apr 2018, 09:10 AM   #1
The "e" in e-mail
Join Date: Nov 2005
Location: San Francisco
Posts: 2,278
Encryption at rest on email servers - Important?

General questions for discussion:
  1. What security risks does email encryption at rest mitigate?
  2. How important is encryption at rest from the data security standpoint?
  3. Which email providers encrypt their customers data at rest?
I'm not referring to encryption in transit that occurs when both the sending and receiving email systems support SSL or TLS. Rather, the questions are regarding messages filed in a customers account.

I assumed that having email data encrypted at rest on my email service providers' machines would help to prevent someone from stealing my data by hacking. Of course, encryption would not prevent theft of data if the hacker were using my login credentials. Is the security benefit of encryption at rest limited to preventing someone from accessing data when a physical drive is stolen?

I'm pretty sure that Google encrypts Gmail data a rest. Microsoft encrypts its business accounts. I'm not sure about free And of course the paid email services that advertise a high level of security such as LuxSci encrypt data at rest.
William9 is offline   Reply With Quote

Old 4 Apr 2018, 06:54 AM   #2
Essential Contributor
Join Date: Feb 2017
Posts: 279
Not sure really, since I think the largest danger is giving up your login information via a phishing attack or other malware. Once they have your credentials and can unencrypt your emails anyway, what does it matter? I suppose there is some vulnerability at certain email providers that your emails can be read by staff or access given via some backdoor, and then if they are encrypted nobody should be able to read them. With smaller providers there is really nothing other than trust that they won't read your email.
TenFour is offline   Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump

All times are GMT +9. The time now is 06:26 PM.


Copyright 1998-2013. All Rights Reserved. Privacy Policy