What Is The EFail Flaw?

The encryption world has seen its first real scare in quite some time, as a vulnerability in OpenPGP encryption and S/MIME encryption processes has been exposed, now being called EFail. Hackers have now taken advantage of a flaw that allows plain-text copies of encrypted emails to be exfiltrated to a third-party when the vulnerability is exposed.

The only solution known to EFail, as of this time, is to uninstall the PGP or S/MIME solution that you are using. Users can mitigate the threat by not sending HTML-formatted emails, but this is not necessarily an easy fix.

Fortunately, some secure email solutions — such as NeoCertified — do not use PGP or S/MIME encryption processes, thus allaying fears that all secure email solutions are now compromised.

What Can I Do If My Solution Is Affected?

If your current PGP or S/MIME encryption solution is believed to be affected by the EFail flaw, you need to stop sending HTML emails immediately and uninstall your encrypted email plug-ins. This disassociation from that service could save you and your recipients from further email compromises.

As an alternative if you’ve been affected, NeoCertified is one particular secure email solution that is not affected by the PGP or S/MIME vulnerabilities. All of our secure email solutions, including our standard secure email portal, our Customer Connect secure contact form, and our NeoGuardian policy filter are not hindered by the EFail flaw.

This means that you’re free to continue sending secure email messages just as you normally would without any interruption. If you’re not currently a NeoCertified user, we do offer free 7-day trials and secure email licenses for only $99 per email address, per year.

Contact us today at Info@NeoCertified.com or at (877) 613-5036.

Written by Peter J. Schaub
President & CEO, NeoCertified