Physical & Digital Security
Emails are extremely vulnerable to privacy violations during their lifetime. First, emails are often archived for many years as users accumulate large number of emails that are spread in the cloud. Security breaches, service provider insiders, deliberate data mining, implementation vulnerabilities, and weak user passwords, among several factors, make it almost certain that most people’s emails will get compromised at some point in time. In addition to vulnerabilities related to senders and related providers, as soon as an email is sent its privacy depends on the recipient’s providers in the cloud, the recipient’s devices and security habits. Recent vulnerability discovered on SSL, the digital security layer of web servers, called HeartBleed, further highlights the challenges faced.
Is it even possible to attain email privacy? The EPRIVO email privacy service combines government-grade digital security (e.g., AES-256 encryption and RSA-2048 based PKI) with the idea of physical security or separation implemented in the cloud. Physical separation, achieved through third party email accounts/carriers, storage providers, and EPRIVO, is the best privacy that exists: even intuitively, physical separation of content (and related information) is more private than sharing a space and associated access regardless of how strongly it is digitally shielded/protected. Physical separation allows seamless secret sharing, key management, and unique digital security implementations for authentication of each email, while cutting the cord from vulnerabilities associated with any of the involved party’s security policies and their enforcement. Even if one or more of your email passwords get compromised or someone breaks into one of the carriers, users’ email privacy continues to remain intact. Any email/cloud carrier or storage provider utilized as part of the solution would not have enough information to compromise one’s privacy, even if broken into (e.g., by hackers, insiders). EPRIVO email does not really exist fully other than in the users’ devices. EPRIVO does not store email.
EPRIVO also manages privacy in recipients’ devices. Through its cloud service it maintains each email’s privacy as required by the sender, including confidentiality and access rights. This idea of sender-controlled email privacy enforced both in the cloud and recipient devices, and for the entire lifetime of an email, is another pioneering and cornerstone feature of EPRIVO. Special privacy features for sender control include recall/delete, one-time-view, time-based-expiration, privatized sender and subject lines, completely privatized metadata, etc.