Protect your communications with email encryption that is private by default.
Disclaimer: TSB directly benefits from this referral link to Proton Mail, the mail provider we use.
Today, most email is already encrypted at least server-to-server. So while this is more secure than in the past, it’s not the most security you could have for sensitive information. What you may want to consider is end-to-end encryption. Here’s a breakdown of the difference:
Server-to-Server Encryption encrypts email while it’s being transmitted between your email client and the email server, but not on the recipient’s end. Imagine a locked box (encryption) carrying your email from your provider’s server to your recipient’s provider’s server. Only the servers have the key to open the box. The email remains unencrypted on the servers and could be accessed by the providers if they choose.
End-to-End Encryption (E2EE) encrypts email from your device to the recipient’s device. Only the sender and recipient have the keys to decrypt and read the message. In our analogy, consider it a locked box picked up from your device and delivered directly to your recipient’s device, which only you and the recipient have the key to open. In this case, the email providers cannot open the emails without the keys.
So WHY would you want to use E2EE and not Server-to-Server? We trust the email providers so why would we care? Here are some topics to consider:
- Hackers will have a more difficult time extracting information from a compromised computer if the emails that reside on its hard disk are encrypted. They would need both the data and the keys to open them. The less a hacker can learn about you from your email, the more protected you’ll be.
- In the case of legal actions, your email provider cannot breach your rights to privacy in communication, though they can provide metadata like how frequently communications were exchanged and some header information about where emails came from and went to.
- Sharing sensitive information, like medical or financial information, with loved ones.
So why are we recommending Proton Mail? Proton is a company whose mission is about privacy of information. They are making moves to ensure that 51% controlling interest in the company is maintained by a not-for-profit group to keep its mission of accessible security and privacy for its customers. They make E2EE easy and go out of their way to protect your information as well. Even if people emailing you are only using Server-to-Server (or no) encryption, Proton Mail has a process where they will automatically encrypt it and destroy their access to it as it gets to your mailbox. They also offer business plans to host your own domains, like the one we use.
Here is a brief 2 min read explaining how Proton Mail encrypts email.