Countless e-mails are sent and received every day. Unfortunately, not all of them are quite what they seem. Criminals pose as respectable senders to trick people out of information and money. Lack of e-mail security causes all sorts of problems.
Securing the whole chain
The basic e-mail protocol isn't secure, so the only way to be confident that your mail is safe is to take additional precautions. Various new protocols have been developed, which make it easier to recognise and cut out fake mail. However, their effectiveness and efficiency depend on them being implemented all the way along the chain between sender and recipient. Major international service providers already follow the protocols, but there is still a long way to go. By no means all organisations yet make use of securer e-mail.
With the aim of getting security protocols more widely adopted, the Dutch government and business community have set up the Secure E-mail Coalition. The protocols they are pushing are DMARC+DKIM+SPF for protection from forged mail, and STARTTLS+DNSSEC+DANE to guard against interception. All the protocols are 'open', meaning that anyone can use them for free. They make it harder for crooks to send phishing mail that seems to come from a trusted person or organisation. They also help to prevent business mail and other private messages being read in transit by people who don't have permission.
"At SIDN, we've been using these protocols for years and playing an active part in their further development and adoption," says SIDN Labs Research Engineer Marco Davids. "The coalition is a big step in the right direction," adds SIDN's CEO Roelof Meijer. "Its members are key players, who have committed themselves to making a real effort to get the protocols rolled out across their organisations. That will mean working closely together and sharing their knowledge and experience. They'll also be encouraging other organisations to follow suit. It's great that they are putting their weight behind secure e-mail traffic. SIDN warmly welcomes this initiative."
The Secure E-mail Coalition is headed up by the Ministry of Economic Affairs and the Forum for Standardisation. Also involved is the Platform for Internet Standards (Internet.nl), which is a joint initiative by the Dutch internet community and the government.
The Coalition's members are: PostNL, KPN, the Dutch Payments Association, the DDMA, Thuiswinkel.org, VNO-NCW, MKB-Nederland, Secure On Line, the Dutch Data Center Association, Digital Infrastructure Netherlands, XS4ALL, the Ministry of the Interior and Kingdom Relations, the Fraudehelpdesk, ICT Netherlands and the Tax Service. All members of the Secure E-Mail Coalition will be working to improve e-mail security throughout their organisations by implementing the protocols referred to above.