
3.7.5 EMAIL

STANDARDS FOR EMAIL SECURITY

Email security refers to various cybersecurity measures to secure the access and
content of an email account or service.

Proper email security can protect sensitive information in email communications,
prevent phishing attacks, spear phishing and email spoofing, and protect against
unauthorized access, loss or compromise of one or more email addresses.

To improve email security, organizations should:

• Address the security aspects of the deployment of a mail server through maintenance and
  administration standards.
• Ensure that the mail server application is deployed, configured and managed to meet the
  security policy and guidelines instituted by management.
• Consider the implementation of encryption technologies to protect user authentication and mail
  data.

In email security, a digital signature authenticates a communication from a user in an untrusted
network environment. A digital signature is a set of bits added to a digital document. Its legitimacy can
be validated in the same way as a handwritten signature can. Unlike a handwritten signature, it is unique
to the document being signed. Digital signatures are another use of public key cryptography.

Digital signatures are a good method of securing email transmission because:

• The signature cannot be forged.
• The signature is authentic and encrypted.
• The signature cannot be reused (a signature on one document cannot be transferred to another
  document).
• The signed document cannot be altered; any alteration to the document (whether or not it has
  been encrypted) renders the signature invalid.

Two types of encryption technique are used to ensure security: symmetric key and
asymmetric key systems. If the email is protected using a symmetric key, the user at the receiving end
must know the one secret key to decode the message. If a public key is used, as in an
asymmetric key system, the user must use the private key to decrypt the message and use a digital
signature verification tool to validate the signature at the receiving end.

A message digest is a technique for ensuring the integrity of data sent across an unsecured channel
(where the content of the message can be changed). A cryptographic hash function is applied to
the message. This function produces a digest, which is a compressed image of the message.

Let's assume Alice sends a message and digest pair to Bob. To check the integrity of the message, Bob runs
the cryptographic hash function on the received message and gets a new digest. Bob then compares
the new digest with the digest sent by Alice. If both are the same, Bob is sure that the original message
has not been changed.

This message and digest pair is equivalent to a physical document and fingerprint of a person on that
document. Unlike the physical document and the fingerprint, the message and the digest can be sent
separately.
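
The digest check that Alice and Bob perform above, together with the signature check from the digital signature section, as an added example that is not part of the original document. It assumes SHA-256 as the hash function and uses a toy, unpadded RSA key built from two known primes for illustration only; all function names and sample messages are constructed.

```python
import hashlib
import hmac

# Toy textbook-RSA key for illustration only (constructed; far too small and
# unpadded for real use). P and Q are the Mersenne primes 2^127-1 and 2^89-1.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # Alice's private exponent


def digest(message: bytes) -> bytes:
    """Message digest: SHA-256 over the message bytes."""
    return hashlib.sha256(message).digest()


def bob_checks_digest(message: bytes, received_digest: bytes) -> bool:
    """Bob recomputes the digest and compares it with the one he received."""
    return hmac.compare_digest(digest(message), received_digest)


def alice_signs(message: bytes) -> int:
    """Alice signs the digest with her private key (toy RSA, no padding)."""
    return pow(int.from_bytes(digest(message), "big") % N, D, N)


def bob_verifies(message: bytes, signature: int) -> bool:
    """Bob recovers the signed digest with Alice's public key and compares."""
    return pow(signature, E, N) == int.from_bytes(digest(message), "big") % N


def demo() -> dict:
    original = b"Pay Bob 100"   # constructed sample message
    altered = b"Pay Bob 900"    # the same message changed in transit
    d, sig = digest(original), alice_signs(original)
    return {
        "digest_ok": bob_checks_digest(original, d),
        "digest_detects_change": not bob_checks_digest(altered, d),
        # A digest that travels with the message on the same unsecured channel
        # can be replaced along with it, so the bare comparison still passes:
        "replaced_pair_passes": bob_checks_digest(altered, digest(altered)),
        "signature_ok": bob_verifies(original, sig),
        "signature_detects_change": not bob_verifies(altered, sig),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Every entry in the result is `True`: the bare digest catches a changed message only when the digest itself arrives intact, which is why it is sent separately or signed.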
