Did you know that when you receive an “encrypted” email from services like Zix, you’re not actually getting encrypted content in your inbox?
Instead, you’re receiving a secure link to a web portal where the sensitive message is stored and can be accessed. This indirect method is necessary because of a simple truth: email was never designed for security.
A Brief History of Email (and Why It’s Still Vulnerable)
Email started in the 1960s as a basic internal messaging tool. By the 1980s, it became compatible across networks—but security wasn’t part of the plan.
That’s why, decades later, we’ve had to bolt on additional protections to keep up with today’s cybersecurity threats:
- TLS (Transport Layer Security) to encrypt messages in transit
- SPF, DKIM, and DMARC to prevent spoofing and phishing
- Secure portals for handling sensitive content
But even with these tools, standard email is still not secure by design.
So, What Is Encrypted Email, Really?
- Encrypted email typically means you’re accessing a message through a secure platform, not that the message itself is encrypted end-to-end in your inbox.
- End-to-end encryption (E2EE), used by tools like ProtonMail and Signal, ensures that only the sender and intended recipient can read the message.
- Most business tools (like Outlook and Gmail) don’t support true E2EE by default—meaning IT admins, providers, or attackers with access to the server could potentially view unencrypted content phishing
- Secure portals for handling sensitive content
What Can Your Business Do?
Security doesn’t stop at your inbox. Protecting your email is just one part of a broader cybersecurity strategy. That’s why we offer free, open Q&A time to help businesses get clarity.
Want to learn more about IT security and best practices?
Plain English Technology Services, Bellingham, WA’s premier IT company, helps businesses with simplicity and actually secure what matters. We’ll review your current setup, explain where the risks are, and recommend practical steps—no fluff, just plain English.