EECONS ENCRYPTED EMAIL SYSTEM
Why and when you should be using Encrypted Email: Once you read more of this document, you will understand that email is not a secure communications-method.
Would you just hand your social-security #, your bank statements, your tax-returns, your credit-card #, your home-address/phone # … to a stranger on the street? How about your divorce-decree or other court/legal documents, contracts your lawyer is reviewing, your accounting-files you are sending your accountant …
Of course not, but that’s what you are doing when you send any of these items via email. The medical field is protected by HIPAA (which is very bad law, a hoax on the public to protect insurance companies/Medicare/Medicaid from patients) which has big penalties for doctors sending medical records/data via email, your financial-data and all else you want private, should be treated the same way.
EECONS’ Encrypted Email System allows you to SECURELY send email solving 100% of the privacy issues.
General rules on email security: Email inherently is not a secure method of communications, there is no such thing as secure email. Using SSL/encrypted email connections in programs like Outlook, or even a webmail based system, in theory only encrypts and protects the communication between you and the email server, thus, protecting ONLY your logon and password ONLY, not the contents of your email beyond this point.
Protecting your logon and password is the only security that SSL/encrypted email provides. Once email reaches an email server the security ends, email traveling the Internet from email-server to email-server is not guaranteed to be encrypted, it may be, but there is no way to know for sure, it cannot be relied upon. Add to that, the person you are emailing may be connecting insecurely to their email server, you have no control over that. Encrypted email is the only solution guaranteed to provide end-to-end privacy.
Recap: Using SSL/encrypted email connections protect your username and password, not the content of your email. Do not use email to send sensitive data, meaning, anything you do not want prying-eyes to see should never be sent via email.
These systems track who you contact, how often you contact each recipient, the content of conversations, you name it, and it is databased and sold. Recently, one company, a gmail marketing partner, admitted that humans were reading and documenting email content as they found their software-based readers were missing too much about you. Even if you do not use one of these services yourself, every time you send email to anyone using one of these free-services, your email is read/scrutinized/documented.
There is one type of email that is secure – if logging onto the EECONS server with a secure connection, send/receive email from other users also using the EECONS server (even from other domain names also hosted by EECONS), and, the person you are communicating with is also properly using encrypted connections. This is the only time email can be considered secure! But, you cannot rely on others having their own email system properly setup with SSL/encryption even if on the EECONS server.
EECONS utilizes a secondary-system called EECONS Encrypted Email to allow sending/receiving 100% encrypted/safe/secure email. Without a secondary-system, there is no way to properly secure email.
The EECONS server can be told to send an email as an encrypted message and not as standard email. When this is done, the email itself never leaves the EECONS server, your recipient will only receive a link to the encrypted email message that requires a password to retrieve the email.
Since this process is done in a web browser using HTTPS (secure connection), the password and email content is 100% encrypted/secure.
To send an encrypted email you must tell the EECONS server to send it using ENCRYPTED Email, which is very easy. Besides the methods described below, EECONS can provide you, at no charge, a special Email address at your domain-name, for instance, email@example.com, which will automatically encrypt all email. That is, all email sent from this special address (and you can have more than one of these special addresses) automatically encrypts without user intervention. This is great for fax machines, scanner and email-blasts where all communications should be end-to-end encrypted automatically.
Please refer to this picture for quick reference – in the example below you will see “ENCRYPTED:”, this is just an example keyword, when signing-up for EECONS Encrypted Email System, you get to choose your own “encryption keyword”
Before continuing – feel free to send yourself a SECURE email message, just go to this website and enter your email address, you will receive an email from the EECONS Encrypted Email system system which is described below.
If you use EECONS’ webmail https://www.eecons.com/email use the KEY-icon in the upper left corner , just click it to encrypt your email
In Outlook, or any other email program, and, this works in Surgeweb also (in Surgeweb you can use the KEY-icon or this method), put the phrase ENCRYPTED: in the subject line – this is a flag to the EECONS server to send the email fully encrypted using the EECONS Encrypted Email System. The keyword maybe anyplace in the subject line and is not case sensitive, these all work: Subject: encrypted: test1 ; Subject: test1 of Encrypted: email ; Subject: this email is encrypted:
Example: you want to send an email with
SUBJECT: please see my email
to send this email encrypted, the subject line could be similar to one of these:
SUBJECT: ENCRYPTED: please see my email
SUBJECT: please see my encrypted: email
This can be automated for Outlook, so you do not need to type “ENCRYPTED:” on your encrypted email, by creating Outlook Stationary with preset entries.
Create Outlook Stationary for encrypted email
In Outlook, start a NEW EMAIL
(just a blank email)
Make the email look the
way you want encrypted email to go
out, put in your Signature and any other personalized look/content.
Put in Subject: ENCRYPTED:
that is “ENCRYPTED: “
Put in a space after the : (colon) to make it easier to add your real subject
Click FILE, SAVE AS
Navigate to your DOCUMENTS folder
The file type should already be Outlook Message Format – Unicode
Put in filename ENCRYPTED
In File Manager, gotot My Documents, find the file ENCRYPTED.msg, Right-Click on the file and Select the Option "Send To" then select "Desktop (Create as Shortcut)”
5) Discard the email you were just editing (it was only used to create the msg file)
To utilize the Outlook Stationary just created, on your Desktop you will see ENCRYPTED.msg shortcut, double-click it and a new Outlook email will automatically open with the Subject line prefilled. DO NOT CHANGE the “ENCRYPTED: ”, just add your normal subject to the end, create your email content the way you would normally and SEND. The EECONS server will see the ENCRYPTED: and will automatically send the email fully encrypted with the EECONS Encrypted Email System.
First time receipt of encrypted message
When a recipient receives their first encrypted email (s)he will be prompted to create a Password and Watermark. This is what your recipient will see when (s)he receives the first encrypted email – notice what is in the red-box
When the recipient clicks on Open Encrypted Message the following will be displayed in a secure browser window with an HTTPS connection
The recipient can now create a password specific to the Surgevault system (this is not an email password), a Password Hint and a Watermark. The Watermark is just a word the recipient will recognize. It can be a child’s name, a pet’s name, a favorite vacation spot, anything, it is just a word the recipient will see so (s)he knows the message is authentic.
Once the initial setup has been completed, future messages will appear showing the Watermark
By clicking the Show Encrypted Message link, the recipient will now see this
Once the recipient successfully enters a password (s)he will see the encrypted email
Notice the red-arrow, to reply to this message securely, select Secure Reply
Training recipients – first time use
NOTE: until first-time encryption (Watermark and Password) is setup by your recipient, email cannot be considered secure. In theory, since the setup information was not done as yet, an intercepted email (very unlikely but must be considered for HIPAA purposes) could allow the interceptor to create a Watermark and Password and intercept this first email. To prevent this from happening, recipients should be sent a dummy encrypted email to do the first-time setup, and once done, all future emails will be fully secure.
To do this: send a not-encrypted email to your email contacts telling them you are going to send them an email they should use to setup the encrypted email on their side and send them pictures of what they will receive. The reason for this is for your recipients to not treat your encrypted email as spam due to not knowing what it is.
And remember, you can also tell them about https://eecons.com/secured
For instance: “You will be receiving an email from me that looks like this (pic below), please complete the setup so I may send you secure email in the future”
Below are pictures that can be used for this purpose:
Once you send that email, send them another email with the Subject ENCRYPTED: which will come to them encrypted allowing them to complete their setup.
Once that one-time setup is complete, your recipient is set to receive encrypted email.
If a recipient wants to write to you encrypted, initiating a new email, not responding to an old one, the only way for them to do this is to take a previously encrypted message from you and do a SECURE REPLY, but note, the Subject line of an encrypted message cannot be modified so this is not a perfect solution. The only other way would be to supply recipients with their own email addresses hosted on the EECONS server.
This document, in its entirety, may be safely shared with others,
there is no security issue with others having this information.