Receiving encrypted work emails

Post Reply
User avatar
Simon
Posts: 4738
Joined: Wed Apr 11, 2018 4:03 pm

Receiving encrypted work emails

Post by Simon »

FFS, why?

Occasionally we get a banal email from a customer about nothing, but they insist on sending encrypted. But then they use a third party provider that you have to register with, provide security questions, a password, your DoB etc etc just to open the damn email. Why?

The email won't land in my outlook so it doesn't become searchable or easily accessible. And usually there's no reason for it to be encrypted in the first place.

I provisioned a high street bank a few years ago and they were returning a signed cert after I'd sent them a CSR. Numerous calls and emails followed where they were trying to zip and p/w protect the cert from prying eyes. I had to point out to their infosec guy that this cert was going on the front of their website and EVERYONE would be able to see it, so why encrypt it in a p/w protected zip file? You could almost see the penny dropping in his brain.
The artist formerly known as _Who_
User avatar
dinny_g
Posts: 5253
Joined: Wed Apr 11, 2018 4:31 pm

Re: Receiving encrypted work emails

Post by dinny_g »

GDPR... init...

But seriously, I suspect you know the answer already. Corporate Policy catering for the lowest common denominator, no empowerment to act individually based on the individual circumstances and draconian punishments applied to keep the lowest common denominator's in line - which will be applied to all, regardless of circumstance, due to "Fairness"
JLv3.0 wrote: Thu Jun 21, 2018 4:26 pm I say this rarely Dave, but listen to Dinny because he's right.
Rich B wrote: Thu Jun 02, 2022 1:57 pm but Dinny was right…
User avatar
Simon
Posts: 4738
Joined: Wed Apr 11, 2018 4:03 pm

Re: Receiving encrypted work emails

Post by Simon »

/thread.
The artist formerly known as _Who_
User avatar
NotoriousREV
Posts: 6437
Joined: Wed Apr 11, 2018 4:14 pm

Re: Receiving encrypted work emails

Post by NotoriousREV »

It annoys me that encrypted emails are so fucking hard when it should just be a default thing built into servers and clients.
Middle-aged Dirtbag
User avatar
mik
Posts: 11633
Joined: Wed Apr 11, 2018 6:15 pm

Re: Receiving encrypted work emails

Post by mik »

Spoiler
Even 1 extra click is a b4ll4che
User avatar
Ascender
Posts: 3518
Joined: Thu Apr 12, 2018 12:07 pm
Currently Driving: 2019 M2 Competition

Re: Receiving encrypted work emails

Post by Ascender »

A banking client I work with has been using a product called Egress Switch for this exact purpose. Its a ball ache to use from an internal perspective, but hey ho, needs (and policies must).

However, the pain to set it up internally is nothing compared to the absolute shit show which is being the poor sod on the receiving end. I've recently been doing some work for this client while working at another consultancy, so my incoming emails are generally sent and encrypted using Egress. I have no f*cking idea how someone is supposed to work with this - I lost the will to figure out what on earth was going on in my inbox in about half a day. Its an absolute rats nest of encrypted mails back and forth, transforming the usual seconds it takes to read something to minutes but the time I've figured out who its from, tried to unencrypt it, need to reset my password, find the right key, then encrypt my reply etc.
Cheers,

Mike.
User avatar
NotoriousREV
Posts: 6437
Joined: Wed Apr 11, 2018 4:14 pm

Re: Receiving encrypted work emails

Post by NotoriousREV »

The dread of receiving an email from a banking contact with the dreaded “You have a new secure message”. Aw, shit, let me set up the pentagram of candles so I can ask the dark lord for the 3rd, 15th and 174th letter of His One True Password.
Middle-aged Dirtbag
User avatar
DeskJockey
Posts: 4630
Joined: Thu Apr 12, 2018 8:58 am

Re: Receiving encrypted work emails

Post by DeskJockey »

NotoriousREV wrote: Sat Jan 25, 2020 9:31 pm The dread of receiving an email from a banking contact with the dreaded “You have a new secure message”. Aw, shit, let me set up the pentagram of candles so I can ask the dark lord for the 3rd, 15th and 174th letter of His One True Password.
One true password? You know better than that. He would have you on a password policy of such complexity it'll melt your brain.
---
Driving a Galaxy far far away
User avatar
NotoriousREV
Posts: 6437
Joined: Wed Apr 11, 2018 4:14 pm

Re: Receiving encrypted work emails

Post by NotoriousREV »

Nah, he only has plain text passwords.
Middle-aged Dirtbag
User avatar
Orange Cola
Posts: 2232
Joined: Wed Apr 11, 2018 7:56 pm

Re: Receiving encrypted work emails

Post by Orange Cola »

What? Does he send you another unencrypted email with the password in?
Mustang GT 5.0 V8 -- Jaguar F-Pace
User avatar
NotoriousREV
Posts: 6437
Joined: Wed Apr 11, 2018 4:14 pm

Re: Receiving encrypted work emails

Post by NotoriousREV »

Orange Cola wrote: Sun Jan 26, 2020 12:34 pm What? Does he send you another unencrypted email with the password in?
Any website that does this is definitely run by Satan
Middle-aged Dirtbag
tim
Posts: 1648
Joined: Fri Apr 13, 2018 9:27 am

Re: Receiving encrypted work emails

Post by tim »

NotoriousREV wrote: Mon Jan 20, 2020 11:22 am It annoys me that encrypted emails are so fucking hard when it should just be a default thing built into servers and clients.
I've been using CipherPost Pro from AppRiver (we are partners) and it's pretty slick. There's an Outlook plugin, or an iOS/Wankdroid app, and it appears to just work with the minimum of fuckery.
User avatar
NotoriousREV
Posts: 6437
Joined: Wed Apr 11, 2018 4:14 pm

Re: Receiving encrypted work emails

Post by NotoriousREV »

tim wrote: Sun Jan 26, 2020 7:03 pm
NotoriousREV wrote: Mon Jan 20, 2020 11:22 am It annoys me that encrypted emails are so fucking hard when it should just be a default thing built into servers and clients.
I've been using CipherPost Pro from AppRiver (we are partners) and it's pretty slick. There's an Outlook plugin, or an iOS/Wankdroid app, and it appears to just work with the minimum of fuckery.
Yeah. If everyone’s using it. That’s my beef, it should just be a standard part of email, like SSL is for web and not reliant on plugins and making sure everyone is using the same thing.
Middle-aged Dirtbag
Post Reply