* Reader tells of his experience with secure messaging A reader of this newsletter recently relayed his organization’s experience with secure messaging.Here’s a lightly edited version of his message:“The whole secure messaging thing is a real problem for us and for our customers. The problem is that most third-party solutions, such as Pretty Good Privacy (PGP), pose all sorts of archiving problems and are too difficult for many users to handle. Most users have problems if they need to zip a file, and adding any further steps to mail attachments is a big no-no.“For the most part, secure messaging is not about hiding a message from your colleagues or sending a message internally within the organization – most mail packages do this very well. The real problems are in sending to people in other organizations. For example, we use Lotus Notes as our e-mail system and have about 2,500 frequent contacts spread across more than 1,000 different organizations. It doesn’t make sense for us to use public keys. At present, we use a 128-bit SSL extranet site and send links to documents on that site. “Our contacts have to log on and download documents. This works well for documents that need to go to large numbers of people, but it is useless for one-to-one communications. What I’ve found is that although it is ‘against policy’ in our company, our staff still uses the unsecured method of direct e-mail. The majority of our contacts are financial institutions, and this problem is even worse for them. They have no specific policies against this, and much of their communication, including some highly confidential stuff, tends to go by unsecured mail.“What is really needed is a transparent means of mail transfer where users would simply attach and send e-mail, while servers would perform the necessary encryption, transmission and decryption. Such a scenario is available if we go from one Lotus Notes server to another, but there is currently no cross-platform standard that would suit all types of mail software. Until such a standard appears, mail encryption is likely to remain a niche market.” This is a classic example of the problem that many organizations have with secure e-mail – they need it, but they don’t use it as they should. I’d like to get your thoughts on the problems associated with secure messaging. Please drop me a line at mailto:michael@ostermanresearch.com Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Mergers and Acquisitions news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Industry Networking news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Network Security Networking news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe