diff --git a/6_public_wireless_checklist.md b/6_public_wireless_checklist.md
index a71a9147e1f37cd9e7cc769a2151bd54298a064f..de41c662120ec3e1ea347fd66b399ace07663c02 100644
--- a/6_public_wireless_checklist.md
+++ b/6_public_wireless_checklist.md
@@ -14,7 +14,7 @@ version: "2.0, DRAFT NOT FOR FOR PUBLIC USE"
 
 This checklist provides a number or practices that can help protect you and your staff when using publicly available wireless networks such as those in hotels, cafés, and airports. Because there are so many ways that wireless networks can be compromised, this checklist is not exhaustive. You are always safest on networks you own and/or control.
 
-**If performing work using sensitive or confidential information, including anything that required to be protected by law (such as personal health information), you are best off avoiding the use of public networks for those tasks.**
+**If performing work using sensitive or confidential information, including anything that is required to be protected by law (such as personal health information), you are best off avoiding the use of public networks for those tasks.**
 
 ## Key
 :heavy_check_mark: Record actions  
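Review bot: The context line directly above the changed sentence still reads "a number or practices" where "a number of practices" is meant, and the front-matter line shown in the hunk header carries "NOT FOR FOR PUBLIC USE". Since this commit is a copy-edit pass over the same paragraph, consider fixing both here. The corrected sentence itself now matches the wording the email checklist uses ("including anything that is required to be protected by law").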
diff --git a/7_email_safety_checklist.md b/7_email_safety_checklist.md
index 1a8929e138d325e0ec325bc676b6c50368c3d817..69cb95c9d892841c660fb77b952f0553b852227c 100644
--- a/7_email_safety_checklist.md
+++ b/7_email_safety_checklist.md
@@ -2,17 +2,19 @@
 document set: DIGITAL SECURITY CHECKLISTS FOR U.S. NON-PROFITS
 title: Email Safety Checklist
 author: Jonah Silas Sheridan, Lisa Jervis
-last modified: 9/2/17
+last modified: 10/11/17
 version: "2.0, DRAFT NOT FOR FOR PUBLIC USE"
 ---
 # Email Safety Checklist
 ## Introduction
 
+*This checklist comes from the Weathering the Storms toolkit, which contains wraparound documentation including an introduction, frequently asked questions, and a glossary where you can look up any terms that are unfamiliar to you. This is a community-driven document set with the latest version always at https://ecl.gy/sec-check. We welcome your feedback via RoadMap, or our contact form at https://iecology.org/contact/.*
+
 This checklist provides a number of practices that can help protect you and your staff when using email to communicate. Before sending an email, ask yourself, would I put this on a postcard that might be kept forever? If the answer is no, consider using other means to communicate.
 
-Think about the emails you receive like a shut up envelope. If you don't know who sent it or what is in the envelope, you should open it very carefully. Especially since, in the case of email, it may contain viruses or other threats to your organization.
+Think about the emails you receive like a sealed envelope. If you don't know who sent it or what is in the envelope, you should open it very carefully. Especially since, in the case of email, it may contain viruses or other threats to your organization.
 
-**If performing work using sensitive or confidential information including that required to be protected by law (such as personal health information, employment records and credit card numbers) you are must avoid the use of regular (non-encrypted) email to communicate that information. Where email is your only communication option, you may need to implement an encryption scheme as found in the final checklist item below.**
+**If performing work using sensitive or confidential information, including anything that is required to be protected by law (such as personal health information, employment records, and credit card numbers) you must avoid the use of regular (non-encrypted) email to communicate that information. Where email is your only communication option, you may need to implement an encryption scheme as found in the final checklist item below.**
 
 
 ## Key
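Review bot: In the rewritten bold warning, the parenthetical list closes without the comma that pairs with the one added after "confidential information", so "...and credit card numbers) you must avoid the use of regular (non-encrypted) email" runs the aside straight into the main clause; add a comma after the closing parenthesis so the instruction stands out. In the same hunk, the sentence beginning "Especially since, in the case of email," is kept as a fragment and could be joined to the sentence before it. The new introductory paragraph invites feedback "via RoadMap" but gives a URL only for the Information Ecology contact form, so a reader has no way to act on the first option; add a link or address. The front matter also still reads "NOT FOR FOR PUBLIC USE".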
@@ -22,74 +24,92 @@ Think about the emails you receive like a shut up envelope. If you don't know wh
 :fire: Work flow disruption for staff
 ## Email Safety Tasks
 
-:heavy_check_mark:     **Train your organization not to send sensitive or controversial information over email whenever possible.**  
+:heavy_check_mark:     **Train everyone in your organization not to send sensitive or controversial information over email whenever possible.**  
 :rocket::wrench::fire:   
-*Information in these categories include but are not limited to credit card information, social security numbers, health information, organizational strategy, potentially damaging critiques or insults. Establish other practices for sharing this information such as instant messaging, secure downloads or plain old paper mail.*
+*Information in these categories include but are not limited to passwords, credit card information, Social Security numbers, health information, organizational strategy, and potentially damaging critiques or insults. Establish other practices for sharing this information, such as instant messaging, secure downloads, or plain old paper mail.*
 
 :heavy_check_mark:     **Use strong passwords for all email accounts; change them on a regular basis, and immediately if you have any suspicion of them being used by a third party.**  
 :rocket::rocket::wrench::wrench::fire::fire:     
-*Strong passwords generally are made with a mix of letters, numbers and symbols and are as long as possible. Teach everyone in your organization how to generate and store strong passwords as well as how to reset their own passwords to critical accounts. Good passwords can be made a variety of ways. One recommended method which you can complete with standard household items is called [Diceware]("http://world.std.com/\~reinhold/diceware.html). See the [Authentication and Passwords Checklist]("5_authenication_checklist.md") in this document set for more recommendations in this area.*
+*Strong passwords generally are made with a mix of letters, numbers and symbols and are as long as possible. Teach everyone in your organization how to generate and store strong passwords as well as how to reset their own passwords to critical accounts. Good passwords can be made a variety of ways. One recommended method which you can complete with standard household items is called [Diceware]("http://world.std.com/~reinhold/diceware.html"). See the [Password and Authentication Safety Checklist]("5_authentication_checklist.md") in this document set for more recommendations in this area.*
 
 :heavy_check_mark:      **Learn to recognize suspicious behavior in your email account.**  
 :rocket::wrench::fire:  
-*Generally anything in your email unexpected should be looked at with suspicion. Be wary of any messages that ask you to do something, including clicking a link, opening an attachment or emailing back information. Be aware that it can be easy to fake email “From” addresses so notice any emails that don't match the usual style of the sender indicated in the “From” address. If someone has broken into your account you may see reply messages you don't understand, additional sent items, new folders or filters being created or other settings changes. Suspicious emails or account behavior should be reported to a technical support person and you should preemptively change your password.*
+*Generally, anything unexpected in your email should be looked at with suspicion. Be wary of any messages that ask you to do something, including clicking a link, opening an attachment, or emailing back information. Be aware that it can be easy to fake “From” addresses, so notice any emails that don't match the usual style of the sender indicated in the “From” address. If someone has broken into your account, you may see reply messages you don't understand, additional sent items, new folders or filters being created, or other changes to settings. Suspicious emails or account behavior should be reported to a technical support person and you should preemptively change your password.*
 
-:heavy_check_mark:     **Always login to email over a private connection**   :rocket::rocket::rocket::wrench::wrench::fire:
+:heavy_check_mark:     **Always log in to email over a private connection.**   :rocket::rocket::rocket::wrench::wrench::fire:
 
-*This means using an address that starts with https:// for webmail, and turning on mandatory SSL or TLS encryption in the settings of your email client. For GMail, connecting using a recent version of the Chrome or Firefox browser will ensure you have such a secure connection*
+*This means using an address that starts with https:// for webmail, and turning on mandatory SSL or TLS encryption in the settings of your email client. For Gmail, connecting using a recent version of the Chrome or Firefox browser will ensure you have such a secure connection.*
 
-*This practice will help ensure that someone operating on a network between you and your email server cannot read or alter your email in transit. Note that if your email is sent to someone outside of your organization you cannot control the connections between your email server and the recipients' servers nor how the recipients access the message so it is still vulnerable to attack. Because you control your organization and mail server, following this practice may improve the overall security of internal email but is not justification to send sensitive information using email internally or externally.*
+*This practice will help ensure that someone operating on a network between you and your email server cannot read or alter your email in transit. Note that if your email is sent to someone outside of your organization, you cannot control the connections between your email server and the recipients' servers nor how the recipients access the message, so it is still vulnerable to attack. Because you control your organization and mail server, following this practice may improve the overall security of internal email but is not a justification to send sensitive information using email internally or externally.*
 
-:heavy_check_mark:     **Where you can, implement two factor authentication for email accounts.**  
+:heavy_check_mark:     **Where you can, implement two-factor authentication for email accounts.**  
 :rocket::rocket::rocket::wrench::wrench::fire::fire::fire:
 
-*Many email providers have begun to offer login systems that rely on more that one piece of information to identify yourself. There can be several, but usually there are just two; your password and another code you have. Often this is a code sent by text message to your phone but can also be embedded on a special type of USB device, a program that generates codes on your phone or even a piece of paper with preprinted codes. Users will have to get used to having this extra step to login to new devices, but it protects from someone who obtains either item from getting into the account.*
+*Many email providers have begun to offer systems that rely on more than one piece of information to log in. There can be several, but usually there are just two: your password and another code you have. Often this is a code sent by text message to your phone but can also be embedded on a special type of USB device, a program that generates codes on your phone, or even a piece of paper with preprinted codes. People will have to get used to having this extra step to log in to new devices, but it protects from someone who obtains either item from getting into the account. See the [Password and Authentication Safety Checklist]("5_authentication_checklist.md") in this document set for more information on this.*
+
+:heavy_check_mark:     **Don't send email attachments unless you are using encryption.**   :rocket::rocket::rocket::wrench::wrench::wrench::fire::fire:
+*There are several risks to sending unencrypted email attachments. One is that they are not protected from being viewed or altered between recipients, so you cannot ensure that the document you send is the same one that the recipient receives. A malicious party could change the file to <do what???>. Another is that file attachments tend to remain in recipients' email in-boxes, where they are harder to control. For example, if you filled out an order form using your organizational credit card, and emailed it to a vendor as a PDF, someone who breached their email account would have access to a document containing your credit card information for as long as it was not deleted from the server.   
+
+Perhaps the most important risk is that regular use of email attachments builds and encourages a culture of opening them automatically, which is a major source of viruses, malware, and associated intrusions. If your organizational practice is to open only attachments that are encrypted, the chances of opening a malicious file drop dramatically.
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Don't send email attachments unless using encryption**   :rocket::rocket::rocket::wrench::wrench::wrench::fire::fire:
-*Unencrypted mail attachments are not protected from being viewed or altered between recipients, and they end to stay in email boxes where they are harder to control. Perhaps more important, regular use of attachments builds and encourages a culture of opening them automatically, which is a major source of viruses, malware and associated intrusions. A better practice is to have files on a server and send links to documents instead of the documents themselves. Ideally these links lead to locations that themselves are protected by passwords or other authentication, or are temporary and expire soon after use.*
+A better practice than unencrypted email attachments is to store files on a server and send links to the documents there instead of sending the documents themselves. Ideally these links lead to locations that themselves are protected by passwords or other authentication, or are temporary and expire soon after use. These links can be easily generated in almost all file-storage systems, whether they use servers in your office (such as a Windows file server) or on the web (such as Google Drive, Box, or Dropbox).*
 
 :heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Be very careful clicking links or opening attachments in emails.**  
 :rocket::rocket::wrench::wrench::wrench::fire::fire:
 
-*Links, often innocuous looking or even hidden within emails, are a major way adversaries get rogue software inside networks. Before clicking a link or anywhere on an email, check that it points to a domain name (such as roadmapconsulting.org) that you recognize and expect (in most email programs, as on the web, hovering over a link displays the URL it points to). If not, check with the sender to make sure you aren't being scammed. Similarly, don't open an attachment unless you are expecting it and the filename is in line with that expectation. **NEVER** open links for files from unknown senders or in otherwise suspicious emails.*
+*Links, often innocuous looking or even hidden within emails, are a major way adversaries get rogue software inside networks. Before clicking a link or anywhere on an email, even if it appears to be from someone you know, check that it points to a domain name (such as roadmapconsulting.org or the domain where your organization's files are stored) that you recognize and expect. In most email programs, as on the web, hovering over a link displays the URL it points to. If the link's destination is unexpected or unfamiliar, check with the sender to make sure the email is legitimate. Similarly, don't open an attachment unless you are expecting it and the file name is in line with that expectation.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Don't send mass email from standard accounts; instead, use a third
-party service and if possible a dedicated mass email subdomain.**
+**NEVER** *click on links or open files from unknown senders or in otherwise suspicious emails. Unlike people you know and are working with, someone you don't know will never send you a file that you actually need; if a link from an unknown sender actually contains useful information, you will be able to access it via another, more trusted method (for example, a web search).*
+
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Don't send mass email from standard accounts; instead, use a third-party service and, if possible, a dedicated mass email subdomain.**
 :rocket::rocket::rocket::wrench::wrench::wrench::fire::fire:
-*Sending bulk email from regular email accounts can lead to all sorts of problems for mail delivery primarily by having your ip addresses, accounts or domain name marked, filtered or blocked as a source of spam. You may also wish to send bulk email using a separate domain name from your main email (such as list.roadmapconsulting.org) to further differentiate the traffic and reduce the risk of delivery problems for your regular emails. Additionally ensuring all email lists are opt-in (people have to confirm they want to receive them) and including instructions on how to discontinue them will minimize the chance of your emails being marked as spam by recipients.*
+*Sending bulk email from regular email accounts can lead to all sorts of problems for mail delivery, primarily by having your IP addresses, accounts, or domain name marked, filtered, or blocked as a source of spam. You may also wish to send bulk email using a separate domain name from your main email (such as list.roadmapconsulting.org) to further differentiate the traffic and reduce the risk of delivery problems for your regular emails. Additionally, ensuring all email lists are opt-in (people have to confirm they want to receive them) and including instructions on how to discontinue them will minimize the chance of your emails being marked as spam by recipients.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Pay for a service to filter spam and viruses from email before it reaches your inbox**
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Pay for a service to filter spam and viruses from email before it reaches your inbox.**
 :rocket::rocket::wrench::wrench::wrench::fire:
 
-*This service comes included if you use [GMail]("https://google.com/mail"), [Electric Embers]("https://electricembers.coop") but doesn't with all email services. Filtering mail before it reaches your network lessens the chance of a virus or malware bearing link or attachment being clicked on. After initial setup this service will be nearly invisible to staff, but requires that someone is tasked with dealing with false positives and other email delivery problems. Be aware, however, that this item involves a significant tradeoff: filtering means that another company is viewing your email before it reaches you and so may increase risk of that information being exposed. The [Electric Embers Cooperative] ("https://electricembers.coop/") is an ethically aligned provider which offers such a service specifically for non-profits.*
+*This service comes included with many email providers, including [Gmail]("https://google.com/mail") and [Electric Embers]("https://electricembers.coop"), but not all. Filtering mail before it reaches your network lessens the chance of a virus- or malware-bearing link or attachment being clicked on. After initial setup, this service will be nearly invisible to staff, but requires that someone is tasked with dealing with false positives and other email delivery problems. Be aware, however, that this item involves a significant tradeoff: Filtering means that another company is viewing your email before it reaches you, and this may increase risk of that information being exposed. The [Electric Embers Cooperative]("https://electricembers.coop/") is a values-aligned provider that offers such a service specifically for non-profits.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Use generic email addresses, and only those addresses, for critical functions such as finance, security or human resources management. Forward critical staff's email to someone else rather than exposing their absence through out of office replies so they cannot be abused.**
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **To prevent social engineering, use generic email addresses, and only those addresses, for critical functions such as finance, security, and human resources management. Forward critical staff's email to someone else rather than exposing their absence through out-of-office autoreplies.**
 :rocket::rocket::wrench::fire::fire:  
-*An increasingly common mechanism of attack on small business and non-profit finances is to lookup the names of financial responsible people and create fake emails to or from them requesting non-standard financial transactions due to some sort of emergency condition. This same strategy can be used to obtain all sorts of information or to get people to take other types of actions. By using generic email addresses, coupled with strong internal controls, in your internal management of sensitive processes you can help ensure these sorts of "person to person" social engineering attempts do not succeed.
+*Social engineering is the psychological manipulation of people into performing desired actions, such as divulging confidential information or transferring funds. An increasingly common mechanism of attack on small business and non-profit finances is to look up the names of finance staff on the web and create fake emails to or from them requesting non-standard financial transactions due to some sort of emergency condition. Similar strategies can be used to obtain all sorts of information or to get people to take other types of actions.*
+
+*By using generic email addresses that don't contain staff names, you can help ensure these sorts of "person to person" social engineering attempts do not succeed, as it will make those attempts more obvious and less convincing.*
+
+*Out-of-office autoreplies have also become a way for adversaries to gather intelligence about organizations, and identify periods when absences of key personnel may create opportunities to exploit lapses in standard operating procedures. Not exposing such absences by having email forwarded rather than automatically replied to reduces this risk.*
 
-*Out of office replies have unfortunately become a way to gather intelligence about organizations and so during absences of key personnel when standard operating procedures may be suspended and less practiced processes engaged, choose to forward email from such employees and leaders during their absences. All of these practices are strongest when coupled with standard, documented and verifiable processes that require additional confirmation beyond just an email.*
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Where email is accessed on mobile or laptop devices, configure email clients and web browser to store as little information as possible**  
+*All of these practices are strongest when coupled with strong internal controls for sensitive activities: standard, documented, and verifiable processes that require multiple steps involving multiple people for approval. For example, a typical internal control on transferring funds to anyone requires a signature on a form and then a signature on a check or a wire transfer form for the bank. Instituting a practice of getting a voice confirmation from the executive director on any financial request outside of that process would prevent funds being stolen via social engineering.*
+
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Where email is accessed on mobile or laptop devices, configure email clients and web browsers to store as little information as possible.**  
 :rocket::rocket::wrench::wrench::wrench::fire::fire::fire::fire:
-*Most web browsers can and should be set to clear their cache when closed. Most email clients can be configured to not store email offline and to clear caches when closed. Both can be configured not to store passwords as well. By configuring both this way, a lost laptop or phone will potentially result in far less information disclosure. Note that it may also mean that you need to enter a password every time you start the program and cannot access emails when not connected to the Internet so may have extreme operational impact to your team. This practice can be made unnecessary by the use of hard drive encryption on your devices, which will be covered in the associated [Endpoint Protection Checklist]("#") which will be added to this document set in the future.*
+*Most web browsers can and should be set to clear their caches when closed. Most email clients can be configured to not store email offline and to clear caches when closed. Both can be configured not to store passwords as well. When configured this way, a lost or stolen laptop or phone will potentially result in far less exposure of information. Note that this practice will have extreme operational impact to your team, as it means that that users will need to enter a password every time they start their email program, and they will be unable to access emails when not connected to the Internet.*
+
+*This practice can be made unnecessary by encrypting your devices' hard drives. See the [Endpoint Protection Checklist]("4_device_security_checklist.md") in this document set for details.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Establish an email phishing training and education program and test staff through live testing.**  
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Establish an anti-phishing training and education program and give staff opportunities for practice through live testing.**  
 :rocket::rocket::rocket::rocket::rocket::wrench::wrench::fire::fire::fire:  
-*“Phishing” is where emails are crafted to look as legitimate as possible in order to get you to click a link or attachment. This is actually a social engineering attack more than a technical one, and so addressing the human element through education is the best way forward. Testing people by sending fake, innocuous phishing emails, is a hard task, but recommended to give people a chance to practice without bad consequences. Be careful as you can create a fear response rather than lasting motivation with this practice so try to be playful and emphasize the positives of these practices There are multiple companies that offer this training if you don't have internal capacity to provide it yourself. [Contact Information Ecology]("https://iecology.org/contact") for referrals.*
+*Phishing is when malicious emails are crafted to look as legitimate as possible in order to get you to click a link or attachment. This is actually a social engineering attack more than a technical one, and so addressing the human element through education is the best way forward. Testing people by sending fake, innocuous phishing emails is a hard task, but recommended to give people a chance to practice without bad consequences. Be careful not to create a fear response rather than lasting motivation; try to be playful and emphasize the positives of good practices rather than the negatives of getting tricked. Never shame your staff for clicking on a bad link. (This episode of the podcast Reply All, ["What Kind of Idiot Gets Phished?"]( "https://gimletmedia.com/episode/97-what-kind-of-idiot-gets-phished/"), is an entertaining and insightful cautionary tale.)
+
+*There are multiple companies that offer anti-phishing training and testing if you don't have internal capacity to provide it yourself. [Contact Information Ecology]("https://iecology.org/contact") for referrals.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Register any domains that could be accidentally read as the domain you use for your email to prevent targeted phishing attacks using look-alike domains**
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Prevent targeted phishing attacks using look-alike domains by registering any domains that could be mistakenly read as the domain you use for your email.**
 :rocket::wrench::fire:
-*Phishing attacks are hardest to detect when they include sending people email from addresses with links to websites that appear to be official but are actually hosted by the attacker. One way that this can be done is by registering domain names that look like other domain names -- substituting a capital letter "i" for the letter "l," or an "m" for a double"nn" for example. It is wise, then, to note any ambiguous characters in your domain name(s) and proactively buy any that look similar. Although this will cost you some money, you can renew these at the same time as your other domains so there is little management overhead. You don't even need to setup any services on these domains.*
+*Phishing attacks are hardest to detect when they use email "from" addresses and links to websites that appear to be official but are actually hosted by the attacker. One way that this can be done is by registering domain names that look like other domain names -- substituting a capital letter "i" for the letter "l," or an "m" for "nn," for example. For this reason, it is wise to note any ambiguous characters in your domain name(s) and proactively buy any that look similar. Although this will cost you some money, you can renew these at the same time as your other domains so there is little management overhead. You don't need to set up any services on these domains; you are just buying them so that others do not.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Setup correct Domainkeys Identified Mail (DKIM) and Sender Policy Framework (SPF) records, and the associated Domain-based Message Authentication, Reporting & Conformance (DMARC) records that build upon these, for your email domains and subdomains.**  
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Set up correct Domainkeys Identified Mail (DKIM) and Sender Policy Framework (SPF) records, and the associated Domain-based Message Authentication, Reporting & Conformance (DMARC) records that build upon these, for your email domains and subdomains.**  
 :rocket::rocket::rocket::rocket::wrench::wrench::wrench::wrench::fire::fire:  
-*These are highly technical steps made in conjunction with your email and Domain Name Service (DNS) providers to make it hard for  spammers or phishers to fake emails from your organization.*
-*Be aware that SPF records require identifying **all** * *the services that are currently sending email on your behalf (which could be databases, mass mailing tools, email list hosts, fundraising tools and more) and incorrect configurations can cause your email to be incorrectly marked as spam. Determining this list carefully is critical to implementing this recommendation in a way that does not interrupt ongoing operations. Once setup, you will need to maintain this list and make changes any time your organization adopts any other tools that send email from the same domain as your GSuite email addresses but otherwise should be invisible in operation.“Hard fail” settings (records ending in "-all") are preferred for SPF records wherever possible, but be careful as this can cause email bounces if your records are not carefully tuned.*
-*DKIM will help assure recipients that your designated mail servers sent the mail they are receiving. DMARC builds on these to tell recipient servers how to respond when the other two records help it identify spam or falsified messages. Once set up, this should have minimal impact on day to day operations, though it make changing your email provider or infrastructure more complex. Find more information at the official DKIM website at http://dkim.org/, the official SPF website at http://www.openspf.org/ and the official DMARC website at https://dmarc.org/. Note that these are easiest to setup using a platform such as GSuite, Office365 or other integrated cloud provider.*
+*These are highly technical steps made in conjunction with your email and Domain Name Service (DNS) providers to make it hard for  spammers or phishers to fake emails from your organization. Consult your technical support provider for help.*
+
+*SPF records identify which mail servers are permitted to send email on behalf of your domain. Be aware that setting this up requires identifying **all** *the services that are currently sending email on your behalf (which could be databases, mass mailing tools, email list hosts, fundraising tools, and more); incorrect configurations can cause your email to be incorrectly marked as spam. Determining this list carefully is critical to implementing this recommendation in a way that does not interrupt ongoing operations. "Hard fail” settings (records ending in "-all") are preferred for SPF records wherever possible, but be careful, as this can cause email bounces if your records are not carefully tuned. Once set up correctly, however, you will need to maintain this list and make changes any time your organization adopts any other tools that send email from the same domain as your email addresses. Other that these maintenance steps, this should be invisible in operation. More information is on the official SPF website at http://www.openspf.org/.*
+
+*DKIM will help assure recipients that your designated mail servers sent the mail they are receiving. DMARC builds on these to tell recipient servers how to respond when the SPF or DKIM records help it identify spam or falsified messages. Once set up, these should have minimal impact on day to day operations, though it make changing your email provider or infrastructure more complex. Find more information at the official DKIM website at http://dkim.org/ and the official DMARC website at https://dmarc.org/.*
+
+*Note that all three of these are easiest to set up using a platform such as G Suite, Office365, or other integrated cloud provider <what does "integrated cloud provider" mean in this context? feels jargony and I cannot fix bc I can't suss meaning>.*
 
-:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Use encryption, preferable "end to end" to secure your email.**  
+:heavy_check_mark:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; **Use encryption, preferably "end to end," to secure your email.**  
 :rocket::rocket::rocket::rocket::wrench::wrench::wrench::wrench::fire::fire::fire::fire:  
-*This is a highly technical and labor-intensive initiative to undertake, but probably the most complete way to minimize any inadvertent disclosure of data through email as hides all email content from any servers or network providers that pass your mail along. It will likely require significant changes to staff practices and inconvenience for your team, but provides far greater compliance with standards such as HIPAA as well as significant protection of sensitive information emailed within your organization. There are various ways to gain protection, but only some are truly "end to end" meaning that you don't have to trust any parties in the middle and encryption and decryption only happens on the devices communicating with each other.*
+*This is a highly technical and labor-intensive initiative to undertake, but is probably the most complete way to minimize any inadvertent disclosure of data through email. Email encryption hides all email content from any servers or network providers that pass your mail along. It will likely require significant changes to staff practices and inconvenience for your team, but it provides significant protection of sensitive information emailed within your organization (and, if it is relevant to you, far greater compliance with standards such as HIPAA). There are various ways to implement email encryption, but only some are truly "end to end," meaning that you don't have to trust any parties in the middle, and encryption and decryption only happens on the devices communicating with each other.*
 
-*The most common type of end to end encryption is called Pretty Good Privacy (PGP) and has been around for a long time. Consequently there are both a lot of ways to use this type of encryption, it works across many platforms and lacks the ease and strength of some other, more modern encryption schemes. One major tool for for using PGP encryption with email is the [Mozilla Thunderbird]("https://www.mozilla.org/en-US/thunderbird/") email client and the associated [Enigmail plugin]("https://www.enigmail.net/home/index.php"). You can find [a guide for that setup at] ("https://securityinabox.org/en/guide/thunderbird/windows"). OSX's built in Mail program and open source add on [GPGTools] ("https://gpgtools.org") is also a workable tool set for using PGP encrypted email on Macs. Microsoft Outlook works best with a commercial add-on from [Symantec]("http://symantec.com") to use PGP encryption on Windows. [Mailvelope](https://www.mailvelope.com) is a powerful and well audited PGP add-on for web browsers that allows you to use PGP encryption with GMail and almost any other webmail service. Because of its position inside a web browser, its security is generally less assured than the other PGP options above, but is adequate for many organizations, especially when coupled with strong web browser profile controls and careful use of browser extensions as well as other safe browsing practices. Note that as of mid-2017, use of Mailvelope in Firefox is not recommended due to a security vulnerability discovered in it. If you want to use Mailvelope with Firefox, see this blog post for details of how to do so as safely as possible: https://www.mailvelope.com/en/blog/security-warning-mailvelope-in-firefox.*
+*The most common type of end-to-end encryption is called Pretty Good Privacy (PGP) and has been around for a long time. Consequently there are a lot of ways to use this type of encryption, and it works across many platforms. (It also lacks the ease and strength of some other, more modern encryption schemes.) One major tool for for using PGP encryption with email is the [Mozilla Thunderbird]("https://www.mozilla.org/en-US/thunderbird/") email client and the associated [Enigmail plugin]("https://www.enigmail.net/home/index.php"). You can find [a guide for that setup at] ("https://securityinabox.org/en/guide/thunderbird/windows"). OSX's built in Mail program and open source add on [GPGTools] ("https://gpgtools.org") is also a workable tool set for using PGP-encrypted email on Macs. Microsoft Outlook works best with a commercial add-on from [Symantec]("http://symantec.com") to use PGP encryption on Windows. [Mailvelope](https://www.mailvelope.com) is a powerful and well-audited PGP add-on for web browsers that allows you to use PGP encryption with almost any webmail service, including Gmail. Because of its position inside a web browser, its security is generally less assured than the other PGP options above, but is adequate for many organizations, especially when coupled with strong web browser profile controls and careful use of browser extensions as well as other safe browsing practices. Note that as of mid-2017, use of Mailvelope in Firefox is not recommended due to a security vulnerability discovered in it. If you want to use Mailvelope with Firefox, see this blog post for details of how to do so as safely as possible: https://www.mailvelope.com/en/blog/security-warning-mailvelope-in-firefox.*
 
-*For organizations with more resources, S/MIME is an alternate encryption scheme that works well with a Microsoft Exchange/Outlook environment or with GMail by installing the [Penango]("https://www.penango.com") plugin or using [Google's native offering](https://support.google.com/a/answer/6374496) which requires use of the GSuite Enterprise paid services. An alternate third party managed encryption tool called Virtru (https://virtru.com) is available for GMail and works best if used only with GMail users. Both Google's S/MIME option and the Virtru service are not true end-to-end offerings as you trust those companies to hold the keys that allow you to decrypt email. If interested in either of these solutions be aware that you are entering into a high trust relatioship with Google or Virtru respectively. If wanting to implement any encryption scheme mentioned here for your email, you will need to talk to your technical support provider and be prepared to invest some time and resources into planning, implementation and training.*
+*For organizations with more resources, S/MIME is an alternate encryption scheme that works well with a Microsoft Exchange/Outlook environment or with Gmail by installing the [Penango]("https://www.penango.com") plugin or using [Google's native offering](https://support.google.com/a/answer/6374496), which requires use of the G Suite Enterprise paid services. An alternate third-party managed encryption tool called Virtru (https://virtru.com) is available for Gmail and works best if used only with Gmail users. Both Google's S/MIME option and the Virtru service are not true end-to-end offerings, as you trust those companies to hold the keys that allow you to decrypt email. If you are interested in either of these solutions, be aware that you are entering into a high-trust relationship with Google or Virtru respectively. If wanting to implement any encryption scheme mentioned here for your email, you will need to talk to your technical support provider and be prepared to invest time and resources into planning, implementation, and training.*
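Review bot: The added paragraph beginning "Note that all three of these are easiest to set up" still contains an unresolved editorial query in angle brackets (<what does "integrated cloud provider" mean in this context? ...>), which would be committed as part of the checklist text. Resolve it with the authors before merge and replace the phrase with a plain description of what is meant. Several smaller defects also remain in the added lines. In the SPF paragraph, "Other that these maintenance steps" should read "Other than", the opening quote of "Hard fail” is straight while the closing quote is curly, and "Once set up correctly, however," no longer contrasts with the sentence before it. In the DKIM/DMARC paragraph, "though it make changing" should be "though they make changing". In the PGP paragraph, "for for" is carried over unchanged. The Thunderbird, Enigmail, securityinabox, GPGTools, Symantec and Penango links keep the [text]("url") form with quoted URLs, two of them with a space before the parenthesis, which does not produce working links. The Mailvelope and Google links in the same hunk show the correct form.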