New eema report, Secure Messaging Between Organisations, Considers Public Key Infrastructure and Alternative Methods
eema, the independent European association for e-business, has published its Secure Messaging Between Organisations report. Available to eema members and non-members, it explores Public Key Infrastructure (PKI) and the alternative options that large companies and SMEs can employ to ensure security in electronic communications.
Messaging is an essential communication medium in most organisations, containing information ranging in sensitivity and confidentiality. Most users of messaging are not aware of the vulnerability of messages to both eavesdropping and impersonation. Companies that fail to take precautions to protect this information are exposing themselves to high risks, financially and corporately. The Secure Messaging Between Organisations report has been authored by the eema Messaging and Collaboration Interest Group to address these issues.
Secure Messaging Between Organisations reviews the strengths and weaknesses of alternative solutions in comparison to S/MIME. S/MIME is not necessarily the best choice for all kinds of requirements, which can be as diverse as e.g. SMEs sending a few highly confidential messages a day to changing business partners, a large organisation sending bulk semi-confidential messages to its customers, or two close business partners routinely exchanging highly confidential information over a considerable time period, the report concludes.
The report emphasises that a full analysis of the requirements must be carried out to ensure a perfect fit of the solution. It compares and contrasts the potential of Pretty Good Privacy (PGP), dedicated line and routing, gateway-to-gateway encryption using Transport Layer Security (TLS) or S/MIME gateways and attachment encryption & compression.
Related links: (Open in a new window.)
www.eema.org
Taken from Information Security Bulletin.