Prior to the NSA affair, the threat to electronic enterprise communication was considered to lie beyond the firewall. With the Snowden revelations and the increased use of mobile devices for business email, however, the need to secure communication from sender to recipient and within the corporate network has raised awareness of industrial-scale end-to-end encryption. This position paper explains the risks and pitfalls associated with the existing concepts of end-to-end encryption, presents the obstacles that have to be overcome, and introduces alternative approaches to securing enterprise email communication. Many solutions are available: some deliver simple, personal client-side encryption but are limited to S/MIME, whilst others combine client and gateway in an organizational approach that incorporates flexible delivery options as well as interfaces for anti-virus, anti-spam and data loss prevention tools. This paper takes a closer look at the complex issue of creating and distributing the certificates required for end-to-end encryption and introduces alternative approaches for secure end-to-end communication. The reader will learn about the benefits and risks of end-to-end encryption within an enterprise security architecture and will understand which approaches work best for specific environments and user groups.