E-mail Security and Encryption Basics
The dawning of the information age has brought about great changes in the way that transcriptionists work and communicate with each other. Technology has also allowed information to cross great distances. We can now share files, jokes, and kind words with anyone on the planet who has an e-mail address. One of the things that makes e-mail so great is that it is so convenient.
But is e-mail too convenient? Is there such a thing as "too convenient?" What is the easiest way to get down from that cliff? You could take the winding way down the face of the mountain or you could just jump. Jumping requires less effort and it is a much, much faster way to get down. Still, 4 out of 5 mountain-climbing dentists would prefer to take the winding route down the face of the mountain even though it means they would have to spend hours hiking instead of a few seconds doing nothing but falling. The easy way is not always the best way. Although e-mailing medical records is one of the easiest ways of getting your finished reports to your employer or client, it is far from the best way.
Why Choose E-mail
Internet e-mail is very cost effective. In most places a flat fee of $15-$20 a month will get you unlimited access to the Internet, letting you send and receive all the e-mail you want. Since most people already have an Internet connection, sending files through the existing e-mail system will save money over a long distance phone call made with your computer's modem.
E-mail is also convenient. I can send an e-mail to someone at any time of the day and when the recipient is ready she can log on to her Internet connection and download the e-mail I sent. We don't have to set up a prearranged time for her modem to be put into host mode so it can receive my incoming call.
Versatility is another reason why people choose to communicate with e-mail. You can send people any kind of information through e-mail. E-mail can contain a simple message or an attached file. I've even gotten some really funny video clips through e-mail.
How E-mail Works
E-mail works in much the same way as the US Postal system. You type a message or create an attachment and send the e-mail off to a friend. In order for the e-mail to get to the recipient it must be "addressed" correctly. E-mail addresses take the form of:
user_name@computer_name.com
The section to the left of the @ sign is the recipient's name. The part to the right of the @ sign is the domain name of the computer the recipient will log into to download the e-mail. This information and the path the e-mail took to get to you is all included in a special section of the e-mail called the header.
When you send someone a letter through the regular mail you put it in your mailbox and the mail carrier comes to get it. The letter is then taken to the main post office in your area and routed to the main post office in the recipient's area. Then the recipient's mail carrier gets the letter and delivers it to her. It is the same with e-mail except that computers are used instead of people, trucks, and planes to pick up and deliver the mail.
In order for e-mail to move from one computer to another it must be copied along a network of computers connected by links to one another. This network is the Internet. The high speed data lines that phone companies own can be thought of as streets. The network servers and routers work just like post offices to make sure that information gets where it needs to be. Do you see a problem?
Dangers of Using E-mail for Confidential Information
In the real mail system letters and packages are physically moved from one location to another. But in the electronic mail system data is simply copied from one location to another. Under normal circumstances simply copying e-mail from one computer to another isn't a problem. The mail is copied and the retained copy is soon overwritten by another piece of information moving through the computer. If it were a perfect world e-mail would be safe. It's not a perfect world. There are all kinds of things that hackers and system administrators can do to breach the confidentiality of your electronic communications.
A hacker or system administrator can set the Internet server to "promiscuous mode." This is a special diagnostic mode that makes the server keep a copy of all the data that moves through it. Someone who knows what they are doing could easily have that data sent to another computer on their network where a script will run and filter messages containing certain words or phrases. Yes, the chances of someone looking for your specific e-mail are very slight, but it could happen. The scariest thing is that you wouldn't even know about it.
Cable modems present another hazard to confidentiality. When you use a cable modem to connect to the Internet you are connected all the time to a network run by your cable provider. All the other people using that cable provider are also connected to the same network. It is possible, although not probable, that one or some of those other Internet cable subscribers could gain access to your e-mail or even your hard drive. Internet cable subscribers can help avoid unauthorized hard drive access by never setting File and Print sharing on their computers.
Another breach of security can occur at your Internet Service Provider's (ISP) network. This is the network that functions as your local post office. When you send an e-mail it is uploaded to this network. E-mail you receive is downloaded from this network. People who work at your ISP have full access to all files stored on their network, and this includes your e-mail. If your ISP wanted to, they could easily copy your e-mail to another computer and read through it at any time in the future. If someone has your user name (easily seen to the left of the @ sign in your e-mail address) and your password, they can log on as you and send and receive e-mail as if they were you. This e-mail hacker could also set his mail program to leave messages on the server, which means that he can log in and download your messages. Then when you log in you still get your messages since they were left on the server by the hacker. Once again you wouldn't even know this is happening.
What You Can do to Protect Yourself
There are a few easy steps you can take to protect yourself and your patients' confidentiality.
The first step is to change your thinking. If you think that these are just boring old medical records and no one is going to go to the trouble to read them, you are wrong. How much do you think the National Enquirer would have paid for a sneak peek at Jon Benet Ramsey's autopsy? People scramble to hear dirt about others all the time. These records might be boring to us but they contain the most private and intimate details of people's lives. I certainly wouldn't want the private records of myself or my family treated in a flippant, nonchalant way. Some people have also asked their ISPs if it is really true that they can read our e-mail. The usual answer is "Yes, but there is so much of it we don't have time." Would the medical records department of a hospital leave their doors unlocked at night because they have so many records that no one has the time to look through them? They're just a bunch of boring medical reports, who cares?
The second thing you can do is find an alternative to e-mail. Use e-mail only for your light conversation with online friends but not for transmitting confidential information. Phone calls anywhere in the US now cost 10 cents a minute or less. For a mere 25 cents a day ($5.50 a month if you take two days off per week) you can send your files directly to your client's or employer's computer. This is much more secure than e-mail since you are making a direct connection to the recipient's computer rather than copying data from one strange computer to another.
If you must use e-mail to transfer files use strong encryption. (Note: Strong encryption is not Zip file encryption or the kind found in your word processor.) You can encrypt the files on your computer, connect to the Internet, and then send them. People along the way can do whatever they want to the encrypted file. They can copy it but since it's encrypted they can't get to the information inside. To them it looks like a bunch of junk characters. The recipient then receives the encrypted file, disconnects from the Internet, and decrypts it. Nothing could be more secure.
Encryption Basics
When encrypting files for transfer through the Internet you have a few choices in how to go about doing this. The first choice is the type of encryption to use. You can choose either secret key cryptography or public key cryptography.
Secret key cryptography is the "traditional" method. Two people get together and choose a password or passphrase. They go their separate ways and encrypt files using the preselected word or phrase as a "key" that unlocks the information. The security of this system depends on keeping the key a secret. Secure secret key algorithms are RC4, Blowfish, Triple-DES, and IDEA, to name a few.
You can think of this method as putting files into a lockbox and only sharing the combination with those you trust. When you have to move files confidentially you send the recipient the lockbox confident that she is the only one who knows the correct combination.
Public key cryptography is a "newer" method of encryption. It was developed to solve the secret meeting problem of secret key crypto. For instance, what do you do if you want to send a secret message or file to someone you've never met and whom you don't even know? Public key cryptography solves this problem by allowing a user to generate a pair of keys. The user then keeps one key secret (it becomes his private key) and the other key is widely distributed (the public key). With this method you, and only you, can decrypt messages encrypted with your public key. When someone wants to send you a message they encrypt it with your public key and send it on. You get the message and decrypt it with your private key. If the message gets rerouted or intercepted it doesn't matter because only your private key will decrypt it. This method has some obvious advantages over the secret key method since the recipient only needs to know one passphrase, that of his secret key. Secure algorithms using public key cryptography are Diffie-Hellman, El Gamal, and RSA.
Using our lockbox illustration above, you can think of this method as giving out open padlocks with your name on the back to everyone you know. You are the only one who knows the combination to the padlocks and all the combinations are the same. When someone wants to send you a message they put it into the lockbox and lock it with the padlock you've provided. They send the message to you and you are the only one who can open it since you are the only one who knows the combination.
If you want to use cryptography make sure the product you use supports one of the algorithms mentioned or do a little searching on your own to find out what professional cryptographers are saying about the algorithm your product uses. Don't ever use encryption that hasn't been widely tested by other experts in the field and don't ever trust what someone says about an algorithm that they created themselves. Encryption algorithms undergo years of scrutiny before they are considered secure. The algorithms that I have mentioned are by no means an exhaustive list of secure methods but these have withstood the test of time.
Conclusion
E-mail has many advantages over standard methods of moving files. Use e-mail but know its limitations. Keep in mind that you aren't doing anyone any favors by taking unnecessary risks with patient confidentiality. Occasionally, people must use e-mail to transfer their files. Sometimes there simply is no better alternative. If you are one of those people who must use e-mail, remember to always encrypt your attachments with a program that uses a secure encryption algorithm. Whether you use secret key or public key cryptography is a matter of preference. Patient confidentiality should never be a matter of preference, it must be protected.
Author's Notes: Since I wrote this article in 1999 the world of encryption has changed. There was an AES competition held to choose the algorithm of the new millennium. From that competition we have at least 5 additional very good, very strong, secret key algorithms: Rijndael (the winner of the AES competition), Twofish, RC6, Serpent, and MARS.
Copyright 1999 by Mike DeTuri
(This article originally appeared in the Summer 1999 issue of Perspectives.)