Encryption Management
Maximise my security
- Contact us to briefly discuss your needs
- Go straight in with some initial consultancy
- Need services spinning up soon? Call us.
- In a "fix" (i.e. an emergency)? Ditto.
Comprehensible encryption for your business
Data - whether messages, files or otherwise - is typically transferred via an encrypted data stream. But when data reaches its destination, it can be stored unencrypted. Password breaches from websites are proof that bad storage practices exist.
ServerBright can review, advise and implement better practices for the safe encryption of all of your data. In addition, we can administer your encryption management practices on your behalf, ensuring that there is never a time where data is transferred, or stored, "in the clear".
But web site encryption, file transfers and system access are only part of the story. Your daily routines - emails, creating documents, working with other people … these all, too, deserve some attention in the overall security picture.
Did you know that you could digitally sign every email you send? How about encrypting every email sent to each trusted recipient, so that only they can open and read the message - with no-one able to see its contents?
ServerBright can help you tighten up email security, and help to implement the strongest industry-standard safeguards for data management, protecting payloads at rest or in flight, validating authenticity and securing storage.
Encrypt email like a pro
Like any modern business, ServerBright Ltd regularly corresponds via e-mail for all manner of purposes. Unlike physical postal mail, the law does less to protect electronic mail in transit. This means that without an adequate safeguard, e-mail can be tampered with by an intermediary, without the knowledge of the sender or receiver.
The "adequate safeguard" mentioned above is, of course, encryption. With the use of public key infrastructure, e-mail message payload can be encrypted with a recipient's "public" key and signed by the sender's "private" key, meaning:
- the recipient - or, at least, the keyholder(s) - will be the only person(s) able to read that e-mail;
- the recipient(s) will be able to validate that it was digitally signed by the sender; and
- the recipient(s) will be able to determine that no tampering had occurred with the message.
This is dependent on both parties managing their own GPG keys, which is something ServerBright can help you with.
If you use a service provider for email who claims that your e-mail is "encrypted", they are likely referring to transport security, not payload encryption. E-mail encryption managed by a service provider is generally inadequate, because that service provider will have access to your encryption key pair.