journal features
movie reviews
photo of the day

cutting off your nose

the journal of Michael Werneburg

twenty-seven years and one million words

Toronto, 2015.03.23

This article suggests that we should no longer use email, because it's not safe.

As preposterous as this sounds, I actually gave this a moment's thought. Yes, you face risk of loss and/or embarrassment if you can't acquire secure email. For all but the most cash-strapped organizations today, well documented procedures exist for building a secure email service. And deciding how much time and effort to allocate to the job should depend on the costs of the risks.

So what are the risks. There are only a few things that don't belong in an email communication:

1. Unprotected data that are in themselves of value (PII, IP, insider information, and other saleable/actionable things). We know how to secure these things and how to otherwise disseminate the things that can't be secured with reasonable assurance.

2. Records of illegal or unethical activities. Here I'm thinking of the seeming endless parade of emails that are made public where someone is clearly flaunting the law, trying to defraud another party, or even criticizing someone else for trying to do the right thing. If you insist on doing unethical things, by all means consider email a potentially public record of those things.

3. Opinions and facts you'd find too embarrassing to make public: medical records, libelous comments, etc. This should be common sense.

Yes, genuine risks. And I admit, I'd like to see a more usable form of email encryption become commonplace. I've tried a few plugins for this or that mail client over the years and found them all unworkable: clumsy and error-prone, and of questionable compatibility with other platforms.

Also, a few secure web-based email businesses have also popped up over the years, but they never seem to last due to the paranoia of the state. Ladar Levison, the founder of one such business told the story (on his now defunct website) of his business being closed by the US government. He interestingly summed it up thus: "This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States."

So it's on us to build our own secure email services. Which we can do, using sources such as SANS. And then, it's on each of us to be smart about using email.

And that's it. No need to panic, and certainly no need to talk of using the actual postal service as if we could jump backwards several decades to a time when snail mail worked and was sufficient. I take this as a sign of how lazy we've become in our thinking about information risk. Saying, "Don't take risk, no matter what," and then quietly slinking back to old behaviors is like cheating on a diet: pointless and embarrassing. In fact, one of the major responsibilities of adult-hood is to make decisions balancing the appropriate amount of risk with the right objectives.

In fact, this whole concept should be common sense. Email's not only brilliant, but we're well passed the point of being stuck with it. Overboard proposals like "not using email" give "information security" folk a bad name. To eschew one of the most transformative technologies we have today in the name of security is ludicrous.

rand()m quote

It's better to be king of your silence than slave of your words.

—Shakespeare