Assignment - Encrypting Email Messages for Allnet Solutions

ENDLESS SUPPORT IN ENCRYPTING EMAIL MESSAGES FOR ALLNET SOLUTIONS ASSIGNMENTS WRITING SERVICES -  YOU GET REVISED OR MODIFIED WORK TILL YOU ARE SATISFIED WITH OUR ENCRYPTING EMAIL MESSAGES FOR ALLNET SOLUTIONS ASSIGNMENT HELP SERVICES!

Assignment Aims

1. To Implement the skills and knowledge gained through the course.

2. To achieve greater awareness of the latest security tools and techniques for computer systems security.

Scenario : Encrypting E-mail Messages

As a scurity consultant for Allnet Solutions you have been contacted regarding assisting them with a new project. Allnet Solutions has offices in several parts of New Zealand. Allnet Solutions have asked for your help.

Create a report that lists different types of email cryptography security otions that can be implemented, along with thier advantages, disadvantages, and ease of use. Include those packages that work with Lotus Notes, Pegusus, Microsoft Outlook and Novell GroupWise. Rank the packages according to the criteria: are the easiest to use and have the most features.

Solution

Executive summary

Email encryption is the process through which the contents of an email is encrypted and secured to avoid being intercepted by unwanted parties. It can also be said to be an authentication mechanism. It hides the plain text and other email contents from those who might want to eavesdrop, and a digital signature is usually utilised to decrypt them. Some of the commonly use tools for email encryption are Lotus notes, Pegasus Mail and Microsoft Outlook. This report outlines these numerous encryption methods and assesses them in order to find out which one will be best-suited for Allnet Solutions, a company based in New Zealand.

1. Introduction

Encryption of e-mails is necessary for protecting the content of the mails from being read by unwanted entities. This step of securing the emails so that they cannot be read by anyone other than the recipient is a necessary step in preventing the disclosure of sensitive information [1]. Currently, most emails are sent across without any form of encryption, which makes it prone to being intercepted by parties other than the intended recipients. There are several ways to encrypt emails and increase the security, which shall be discussed in this current report [2]. The various security issues, threats and the adequate models, tools and the reasons for using them will be elaborated on. A way of how to implement the defence solutions has also been provided.

2. Methodology

Security of emails is a massive priority for every organisation and business, and the importance has further increased due to the sharp rise in the growth of viruses, hackers, spammers, identity theft and phishing issues. Business information thereby needs to be secured appropriately, and for this reason it is important to encrypt the emails. The security issues and threats have been further elaborated –

Spoofing and phishing: In case of spoofing, cyber criminals transmit emails while pretending to be someone who is known to the recipient [3]. This is actually pretty easy to do, while tracing the actual sender is rather difficult. Phishing is also one of the most dangerous tools or methods that are used by the cyber criminals to fool people into delving information regarding their confidential details, such as bank account number, social security numbers, etc [4]. The logos, graphics, and other means used by these scammers can often appear to be so authentic that anybody would be easily misled. However, the links they send via the emails redirect the users to a malicious website, which steals all the private data and information from the recipients [5].

Malware: Email systems are being used by many cyber criminals to deliver infected files to many organisations by using malicious software, which is commonly referred to as malware. This package containing the malware can comprise of worms, viruses, spyware and even Trojan horses, which are essentially files that appear harmless but are actually malicious identities under disguise [22]. When such attacks are successful, it gives the malicious identities complete control over the servers as well as the work stations of the organisations. This ability to access the controls is often exploited to get hold of sensitive information, or to monitor the activities of other users, among a host of other malicious actions.

Security weaknesses: An email system can have many vulnerabilities, and these can be exploited by the cyber criminals, thereby giving rise to disastrous consequences. The issues often arise due to certain misconfigurations, which make it easy for the hackers to infiltrate the systems and gain access to information that should have otherwise been protected [6].

GET READYMADE ENCRYPTING EMAIL MESSAGES FOR ALLNET SOLUTIONS ASSIGNMENT SOLUTIONS – 100% PLAGIARISM FREE WORK DOCUMENT AT NOMINAL CHARGES!

Domain squatting: This is when a cyber criminal uses someone else’s trademark or information to buy and register a domain name [7]. This is a threat that both businesses and individuals are prone to.

Social engineering: This is a rather dangerous as well as complicated technique that is often used by attackers to collect sensitive information from the users or workers in an organisation, and in turn, make them unknowingly perform tasks that will ease the mode of future attacks [21]. Falsified information is sent via emails to these unsuspecting users, who fall under its trap once they click on those suspicious links.

Ransomware: Cyber criminals often infect the files and emails in such a disastrous way that the users have to pay to decrypt the data back to its normal state [8]. It is necessary to get a tight grip of the email services and have analytical measures in place, which will help detect the suspicious behaviours and notify if any issue arises.

Email systems can be secured in many ways, and there are a number of ways in which this can be done. Some of these methods can be further elaborated on as below –

Implementation of management controls: In order to ensure effective maintenance and operation of the email systems in a secure way, it is important to lend the adequate amount of support to the network infrastructure, which includes the management security controls, the information security policies, change control, configuration management, and the necessary contingency plans [23]. An organisation must also be prepared for the implementation of delivering training related to security awareness to all the employees.

Planning the system implementation: The planning part for deploying a secure system of email is even more important. This is necessary to ensure smooth installation, configuration as well as deployment of the security measures [23]. The planning should be conducted right from the initial stage at the beginning of the life cycle development, as it would help minimise the costs while maximising the security.

Securing the mail server applications, clients and transmission: An organisationis responsible for the installation of mail server services, which would help secure the systems and /eliminate the already known vulnerabilities by using upgrades, patches or other configurations. The mail clients must also be upgraded to enable antivirus, antispam and anti-phishing mechanisms. Encryption is a tool that helps secure email transmissions.

There are various tools and models that can be implemented for ensuring appropriate encryption of emails. Some of these have been discussed in detail below, starting from the most convenient method to the least –

Pegasus: This is a proprietary email client that was originally released to work with MS-DOS and then later modified to be compatible with the Macintosh computers. Currently the only platform that allows Pegasus Mail to be used is that of Microsoft Windows. It was a freeware when it had started out, but now it is a donationware. It is an email encryption tool that is suitable for both single and multiple users, and it has very minimal system requirements as compared to the other options [9]. Even the hard disk space occupied by the program is very less, and there are several language options available as well.

MOST RELIABLE AND TRUSTWORTHY ENCRYPTING EMAIL MESSAGES FOR ALLNET SOLUTIONS ASSIGNMENT HELP & HOMEWORK WRITING SERVICES AT YOUR DOORSTEPS!

Microsoft Outlook: This email client has rolled out a whole new list of security measures that users can implement to secure their emails. The feature is that of an end-to-end encryption, which will allow the senders and the recipients to send emails through a highly secure connection [10], thereby ensuring that hackers and cyber criminals do not get hold of the data or information that is being transmitted. Users can not only receive and send these encrypted messages but also download files and messages in a secure format. A passcode will be further required to download them.

Lotus notes: Lotus Notes by IBM uses a public and a private key to encrypt and decrypt the data in emails, and this is also used to validate the digital signatures. The keys that are set have to mathematically related and must be unique for every user ID. Both the keys are stored only within the user IDs of the senders and recipients [11], and the emails sent can be encrypted and decrypted by utilising these keys from the certificate that is located within the Domino Directory.

Novell GroupWise: The native encryption of Novell GroupWise is implemented throughout the system. It ensures that the encrypted email messages are intercepted and read by the stated recipient only. The protocol used in this case is that of S/MIME, or Secure Multipurpose Internet Mail Extensions, which helps to exchange the encrypted and digitally signed emails [12]. This platform is widely adopted across various businesses.

As is evident from the above research, there are many tools that can be implemented for ensuring a strong encryption of the email systems. The primary reasons why the data and information transmitted through emails need to be protected can be outlined below –

Avoiding business risks: There is virtually a lot at stake if valuable information gets leaked to unwanted parties through plain text emails [13]. If they are not encrypted, it is all the more convenient to gain access to these emails. Competitors and business rivals can use that sensitive data against the organisation, which is a major risk that needs to be avoided.

Protecting confidential information: Encrypting emails makes it easier to protect confidential data such as credit card information, social security numbers, bank account details, and so on. Unwanted parties can always misuse the information for their personal gains if the emails are not encrypted. In fact, it is even possible to alter and tamper with the mails are in transit [13]. Hackers have found easier ways to gain access to usernames and passwords, and thus, email encryption has become all the more important nowadays.

Nullifying message replays: As stated above, it is possible to alter messages that are in transit. It is also possible to save, tamper, and resend those very mails at a later time. This will make it seem like someone has received a series of authentic messages, as the subsequent messages will be altered very carefully [14]. The senders and the recipients will thus never know that such mails have been exchanged without each other’s knowledge.

Avoiding identity theft: In case a hacker gets access to the password and username that is used to log into the email servers, they can easily read the emails and send fake messages on the user’s behalf [15]. This is referred to as identity theft and email encryption helps to considerably reduce the chances of this happening. Moreover, there is also no proof of whether an email has been sent or not as the person doing this might simply deny all the allegations. This has rather grave implications in terms of business communication and electronic commerce.

Unprotected backups: The emails that are transmitted are usually stored on an SMTP server (Simple Mail Transfer Protocol), and its backup server keeps copies of the messages that have been exchanged [16]. Thus, a person who can access these very backups can easily read the emails and exploit the data and information in malicious ways. This is dangerous since the backups often remain for years even after the original messages might have been deleted.

HELPING STUDENTS TO WRITE QUALITY ENCRYPTING EMAIL MESSAGES FOR ALLNET SOLUTIONS ASSIGNMENT AT LOW COST!

Thus, encrypting mails are an important task that any organisation such as Allnet Solutions must implement. The various business risks as stated above are major threats to the smooth functioning as well as the security of the organisation. The various packages as suggested above offer multiple encryption features for keeping the mails secure and safe from cyber criminals.

3. Implementation

3.1 Testbed and static

The Internet of Things is an immensely vast ecosystem that help parties to connect to each other in a way that is unparalleled by any other.A major issue that this IoT has brought over is that there have arisen, a large number of issues related to the security and analysis of the data and information that is being transmitted or shared [17]. Moreover, there are little or no mechanisms for testing the security of the IoT devices in various contexts. A testbed is often used to collect the data during the security trials in such cases, and a similar model can be implemented for the evaluation of the encryption of email data. The testbed that could be used must have the capacity to emulate the specific conditions under which the testing could be done [17]. It will consist of both hardware and software components of its own, and side channel tests can be implemented for better evaluation and assessment.

In case of email encryption or any other form of cryptography, there are always numerous kinds of keys that are used, which can be broadly categorised into symmetric and asymmetric [18]. Lotus Notes uses an asymmetric key, as it has two sets, the private and the public. Also, these keys could either be static, or could be ephemeral, meaning that they are suitable only for one-time use. The lifespan of the static keys can be days or even weeks, and it ranges across various platforms [19]. Lesser the time period of the static keys, higher are the chances of maintaining a more secure email system.

3.2 Defence and mitigation solutions

Allnet Solutions can implement the Pegasus Mail security solutions for enhancing the security of its email servers and for the encryption of the emails. It will be an extremely convenient option since it is quite easy to use, and occupies very less disk space of up to a couple of megabytes. Moreover, since it is a donationware, the need for investing a large amount of capital for the defence and mitigation solutions of email encryption will be quite less, as opposed to the standard 10 NZD. Thus, this option would be easily feasible for the organisation, and also not let the costs shoot up in an extravagant manner.

4. Summary and recommendation

As is evident from the above report, there are several tools and models of email encryption that the organisation can implement to help make the systems more secure and private. The various tools as outlined, such as Lotus notes, Microsoft Outlook, Novell GroupWise and Pegasus Mail work to make the email platforms a lot more secure as opposed to when emails are sent as plain texts. Moreover, it can be recommended that Allnet Solutions use Pegasus as the email encryption tool, as it has a large number of features, and the cost of setup for each account is less than the others.

5. Impact of recommendation on Maori and Pacific communities

In New Zealand, encryption technologies are massively important for keeping a secure hold on the online commerce and also for the provision of better services, both for the government and the people [20]. This also impacts the Maori and the Pacific communities directly, as the online services such as emails, etc. prefer to use a robust method of encryption to ensure extended security. Implementing Pegasus Mail as the security client at Allnet Solutions will further provide the communities with the assurance that their data is safe, and that the information they transmit will not be intercepted by those who might misuse it. Such a step is extremely important for ensuring the economic prosperity [20] of both the organisation and the country, and it will also help to protect the ever-growing intellectual property of the communities that reside there.

6. Reflection

From this report, I have been able to learn the numerous methods of email encryption, and I have also understood the importance of the same. As a consultant for Allnet Solutions, I would thus advise that the company use Pegasus Mail as its encryption tool. Moreover, I have been able to understand the grave importance of having an encryption process within the organisation, since the business data that are often shared among colleagues and external partners are highly sensitive, and can therefore be prone to theft and interference from rival companies and cyber criminals.

SAVE DISTINCTION MARKS IN EACH ENCRYPTING EMAIL MESSAGES FOR ALLNET SOLUTIONS ASSIGNMENT WHICH IS WRITTEN BY OUR PROFESSIONAL WRITER!