Google’s New Gmail Security Feature

Google’s New Gmail Security Feature

Privacy is the term of the century. It seems like every time we get past one hurdle, a new one pops up, such as data breaches or unknown hackers.

Click the image to read Google's explanation of how encryption works.

Click the image to read Google’s explanation of how encryption works.

The Internet community is constantly, consistently trying to protect your privacy.  Take email: It’s our most-used mode of communication. But email is also one of our most vulnerable forms of communicating with friends, family, colleagues and making business transactions.  What would you do if you found out that someone was reading your emails and potentially even altering the message before it got to you or someone else? Scary, I know. Unfortunately, it can and does happen. Google, along with others in the Internet community, is making it harder to hackers to take such actions, by increasing your protection.

If you are a marketer, own a website, or send email regularly you might have heard of the acronyms noted below. Each of these concepts has a role to play in the protection of your information.

HTTPS (Hypertext Transfer Protocol Secure)- This encrypts and decrypts user page requests, as well as the pages that are returned by the Web server. The use of HTTPS protects against eavesdropping and man-in-the-middle attacks. Although HTTPS secures data as it travels between the server and the client, once the data is decrypted at its destination, that data is only as secure as the host computer.

SSL (Secure Sockets Layer) – This is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

The bad guys are clever and persistent. Despite all we do, someone, somewhere can still possibly get around the protection.  Google (in its role as an Internet Service Provider) is taking a next step and taking security to a new level for its customers. The company will be soon roll out a Gmail feature: Gmail will warn a recipient when an unencrypted message arrives in their inbox.  Other ISPs are bound to follow.

While this won’t impact Gmail-to-Gmail messages, it can affect messages coming into Gmail from outside sources. Gmail already defaults to using HTTPS for the connections between browsers and servers; but for a long time it was the standard just to leave messages unencrypted – and unencrypted emails are a target. This lack of encryption created vulnerabilities that made it possible for lurkers to expose recipients and steal valuable data, or wreak other mischief.

So how exactly is Gmail changing?

Transport Layer Security (TLS).  I know, another acronym, but it’s actually really cool.  TLS is a protocol that encrypts and delivers mail securely, for both inbound and outbound mail traffic. It helps prevent eavesdropping between mail servers – keeping your messages private while they’re moving between email providers.

However, your messages are encrypted only if you and the people you email with both use email providers that support Transport Layer Security. Not every email provider uses TLS, and if you send or receive messages from a provider that doesn’t, your message could be read by eavesdroppers.  TLS is being adopted as the standard for secure email. While it’s not a perfect solution, if everyone uses it, snooping on email will be more difficult and costly than it is today.

With these changes, recipients can have more confidence about where their mail is coming from. Yahoo, Microsoft, and other ISPs are encrypting messages as well to further protect their customers and recipients from malicious mail.  During a study, it was found that 94 % of messages sent to a Gmail address can be authenticated, making it harder for phishing attempts to be successful.

gmail-graphic re encryption

We will be sure to keep you up to date on the progress of Gmail security. In the meantime, if you’d like to learn more, just visit any one of the news sources below.

As a digital marketer, you need to have as much information as possible to remain compliant in today’s complex marketplace. Take a tour of Act-On to explore it’s digital marketing capabilities or explore our digital compliance information to learn the industry insights you need to be successful.

Act-On Software On-Demand Demo