In the previous blog, we learned how digital signatures work and why it is so important to digitally sign all your emails. Now you might be wondering, “Okay, digital signatures are crucial, but how difficult is it for an average user to implement them?” After all, usability is a key criterion for the mass adoption of any security practice, and this usually involves a tradeoff between the security and the usability of the implementation.
For example, we all know how important it is to have secure passwords protecting our web accounts, but according to the 2012 CSID consumer survey, nearly 70 per cent of user passwords are categorized as being weak or very weak, and that leads to 1 out of 5 American consumers experiencing a security breach of their online accounts. This example highlights user reluctance to change usage patterns despite being aware of the necessity of that change.
So, in this blog I will aim to guide you through the transition as painlessly as possible, using clear and easy-to-follow instructions and maintaining an even balance between usability and security.
The digital signatures
Microsoft Outlook makes it very easy to configure your email client to digitally sign your emails with a Digital ID (S/MIME). Click on File > Options > Trust Center and open the Trust Center Settings. In the Trust Center Settings window, click on E-mail Security > Settings. In the Change Security Settings window that opens, enter a name for your security profile and then choose a Signing Certificate under the Certificates and Algorithms section. After clicking OK on this certificate, you will see that it has been selected, and you can click OK again to finish the digital certificate selection process. Finally, in the E-mail Security section select the option “Send clear text signed message when sending signed messages”, so that each and every email sent by you now includes a Digital Signature by default. Now any email you send will automatically be signed with your Digital Certificate, assuring the receiver that the message received is from you and has not been modified in any manner, maintaining the authenticity and integrity of the communication. Click here for more detailed step-by-step instructions of the implementation with images.
I recommend making digital signatures a part of the standard communication process in the organisation by including them in your company’s security policy to ensure their smooth and uniform adoption.
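What the clear-text signing option looks like on the wire, as an added example that is not part of the original post: a clear-signed S/MIME message is `multipart/signed` with the readable body followed by an `application/pkcs7-signature` part, while an opaque-signed one wraps everything in `application/pkcs7-mime`. The sample messages and function names are constructed for illustration, and the check inspects MIME structure only; it does not verify the signature.

```python
from email import message_from_string

# S/MIME media types; the x- forms are legacy names still seen in the wild.
SIG_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature"}
MIME_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
# Constructed samples; "AAAA" stands in for the base64 CMS blob.
CLEAR = """\
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="b1"

--b1
Content-Type: text/plain

Report attached.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""
OPAQUE = """\
Content-Type: application/pkcs7-mime; smime-type=signed-data; name="smime.p7m"
Content-Transfer-Encoding: base64

AAAA
"""

def classify_smime(raw):
    """Classify by MIME structure only; the signature is NOT verified."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        protocol = str(msg.get_param("protocol") or "").lower()
        parts = msg.get_payload()
        # Clear-signed: exactly two parts, readable content then signature.
        if (protocol in SIG_TYPES and isinstance(parts, list) and len(parts) == 2
                and parts[1].get_content_type() in SIG_TYPES):
            return "clear-signed"
    elif ctype in MIME_TYPES:
        smime_type = str(msg.get_param("smime-type") or "").lower()
        if smime_type in ("signed-data", "enveloped-data"):
            return "opaque-signed" if smime_type == "signed-data" else "encrypted"
    return "no-smime-signature"

def clear_signed_text(raw):
    """Body readable without S/MIME support, or None if not clear-signed."""
    if classify_smime(raw) != "clear-signed":
        return None
    return message_from_string(raw).get_payload()[0].get_payload().strip()
```

A mail client without S/MIME support can still display the text returned by `clear_signed_text`, whereas an opaque-signed message shows up only as an `smime.p7m` attachment.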
Click here to learn more about the different ways in which Digiground can assist you in your goal of achieving a more secure presence online.