1 00:00:01,040 --> 00:00:02,470 S/MIME. 2 00:00:02,470 --> 00:00:06,510 S/MIME is the Secure/Multipurpose Internet Mail Extensions, 3 00:00:06,510 --> 00:00:08,160 also known as S/MIME. 4 00:00:08,160 --> 00:00:10,700 It's a standard that provides cryptographic security 5 00:00:10,700 --> 00:00:13,690 for electronic messaging, things like email. 6 00:00:13,690 --> 00:00:15,560 Now when we talk about S/MIME, 7 00:00:15,560 --> 00:00:18,080 it is built into most email clients you're going to use. 8 00:00:18,080 --> 00:00:20,680 So if you're using Apple Mail or Microsoft Outlook 9 00:00:20,680 --> 00:00:24,540 or even Gmail, it has the capability to support S/MIME. 10 00:00:24,540 --> 00:00:26,780 S/MIME is going to use separate session keys 11 00:00:26,780 --> 00:00:29,876 for each email message that's being sent or received. 12 00:00:29,876 --> 00:00:32,130 We can use digital IDs within Outlook 13 00:00:32,130 --> 00:00:34,650 or digital signatures within many different programs 14 00:00:34,650 --> 00:00:37,570 to give our emails authentication, integrity, 15 00:00:37,570 --> 00:00:40,250 and non-repudiation through S/MIME. 16 00:00:40,250 --> 00:00:41,960 Now S/MIME is a way 17 00:00:41,960 --> 00:00:44,370 that we can encrypt our emails and their content. 18 00:00:44,370 --> 00:00:45,530 The problem with that is 19 00:00:45,530 --> 00:00:48,770 it also encrypts all of their contents, including malware. 20 00:00:48,770 --> 00:00:51,270 So, if I wanted to send you an email 21 00:00:51,270 --> 00:00:52,770 and I was going to encrypt the content, 22 00:00:52,770 --> 00:00:54,210 and I put a piece of malware in there 23 00:00:54,210 --> 00:00:56,650 and encrypted it and sent it to you, guess what? 24 00:00:56,650 --> 00:00:58,960 Your boundaries may not detect it. 25 00:00:58,960 --> 00:01:00,960 Your filter may not detect it 26 00:01:00,960 --> 00:01:02,380 because it's going through encrypted, 27 00:01:02,380 --> 00:01:03,960 and if they don't have access 28 00:01:03,960 --> 00:01:05,780 to your private key to decrypt it, 29 00:01:05,780 --> 00:01:06,980 they're not going to be able to see it 30 00:01:06,980 --> 00:01:08,260 and protect you from it. 31 00:01:08,260 --> 00:01:09,960 So how do you overcome this? 32 00:01:09,960 --> 00:01:11,840 Well, a lot of email gateways 33 00:01:11,840 --> 00:01:14,510 will actually load up the user's private key 34 00:01:14,510 --> 00:01:16,300 so they can decrypt the emails, 35 00:01:16,300 --> 00:01:18,230 look at the contents, make sure they're safe, 36 00:01:18,230 --> 00:01:20,380 and then pass them on to the user. 37 00:01:20,380 --> 00:01:22,550 Again, though, if you're giving up your private key, 38 00:01:22,550 --> 00:01:24,290 that can reduce the security of the system. 39 00:01:24,290 --> 00:01:25,800 So it's something you have to weigh 40 00:01:25,800 --> 00:01:27,370 the pros versus the cons 41 00:01:27,370 --> 00:01:30,305 as you're going through and setting up your S/MIME. 42 00:01:30,305 --> 00:01:32,493 (electronic tones)