What is Email Encryption?

Hosted exchange services are one of the most secure types of email hosting solutions. This is primarily due to the use of Microsoft Exchange ActiveSync as the transport protocol for email, calendar, contact, journal and note entries. ActiveSync is a secure protocol in its own right.

However, hosted exchange users that are forced to access their exchange mailbox using a different protocol, such as IMAP or POP for some reason, can be exposed to a security vulnerability if their email transfer between the exchange server and the client are not encrypted.

Unencrypted mail transport can lead to the contents of emails being read by third parties should they be able to intercept them. Think of it as the difference between sending a sheet of plain text with a message, and a sheet of encoded text using a cypher. The latter needs to be decoded even if it is intercepted.

Usually, encryption of non-ActiveSync messages is doing using Transport Layer Security (TLS) or Secured Sockets Layer (SSL). As a rule of thumb, TLS is the more secure option. Although, SSL encryption can be simpler to implement. However, this depends upon the version of both SSL and TLS that the hosted exchange services provider is running on the exchange server.