E-mails are considered to be one of the most important forms of communication in the business environment. But only every second company uses end-to-end encryption methods such as PGP or S/MIME, which are already considered tried-and-tested and reliable protective measures for e-mail communication.
To date, encrypted e-mails are used by just over half (55 percent) of German companies. This is the result of a survey by YouGov on behalf of mailbox.org, the Berlin-based email service specializing in data protection and data security. The survey was conducted in July 2022 and is based on online interviews with more than 500 IT decision-makers in small and medium-sized German companies from various industries.
Only every second company encrypts emails
As part of the survey, decision-makers were also asked why they did not use end-to-end encryption for their email communication. Almost half (49 percent) stated that their customers are not expected to have encrypted communications, 37 percent see no need for encrypted communications internally in the company and 22 percent find the setup and management of email encryption too complicated.
These justifications, although understandable at first glance, are often based on incorrect assumptions, missing information or are simply too short-term. Peer Heinlein, managing director of mailbox.org and himself a Linux and mail server specialist, comments on the three most frequently mentioned reasons:
Reason #1: "Our customers don't expect encrypted communication."
"That shouldn't be an argument! Encryption not only protects customer communication, but also your own. This should be a must for responsible companies, regardless of customer expectations, if they want to secure their own future. In addition, in business communication, especially in an international environment, there are still legal requirements and compliance standards to be observed, which - also independent of customer expectations - are easier to fulfill if appropriate measures and processes are established from the start."
Reason #2: "The company sees no need for encrypted communications."
“It is impossible to say whether a trivial piece of information from today will become an explosive detail in the future. Nevertheless, encrypted communication in companies often does not have a strategic priority until there is actually a violation of data protection and data security. But by then it is too late and those responsible must face the financial, legal and reputational consequences of such an incident. The more effective and less damaging approach for the company is to preventively minimize these risks in any case and to rely on end-to-end encryption from the start.”
Reason #3: "Email encryption is too complicated to set up and manage."
“This is likely to be the case, especially when companies try to provide their entire e-mail infrastructure themselves. Even if the appropriate IT experts and resources are available in-house, they usually also have to take on numerous other IT-related tasks. In addition, ensuring seamless end-to-end encryption of all email communication can actually push many IT teams to their limits.
Fortunately, there is a simple solution: A service provider specializing in email hosting with a particular focus on data protection can help companies set up and keep up-to-date end-to-end encryption for email communication, without having to reserve staff and resources internally for this. For example, mailbox.org offers users the option of setting up PGP encryption with just one mouse click – all the necessary steps, from generating the key to making it available on PGP key servers, are taken care of automatically.”
More at Mailbox.org
Via mailbox.org
The German e-mail specialist mailbox.org shows that digital sovereignty, security and data protection can also be combined with convenience and extensive features. In addition to classic e-mail core functions, security-conscious private and business customers also receive a calendar, address book, task management, online word processing and cloud storage based on an open source solution.