Feature Highlight: GSatTrack - End-to-End Email Encryption Using OpenPGP
In the modern world, securing data is almost as important as the data itself. GSatTrack supports complete end-to-end encryption of tracking data from the device to its eventual display to portal operators. However, one frequently overlooked aspect of security is email. Email is often the most convenient and demanded mechanism for receiving information such as alerts or reports about tracking assets, but is also typically one of the least secure, with estimates that up to half of all email traffic is sent in plain-text, allowing anyone with access to the network to read it.
The solution to this problem is to encrypt and sign the email message itself, allowing only the intended recipient to read and verify its contents. The technology GSatTrack uses to accomplish this is OpenPGP, the most widely-supported email encryption standard available. OpenPGP is the open standard of the Pretty Good Privacy (PGP) program and works by having users exchange identifying keys with each other, which are then used when encrypting/decrypting messages sent between the two users.
The only requirement for using email encryption with GSatTrack is to have an email client or plugin that supports OpenPGP. Many major webmail providers, such as Yahoo and Google, are in the process of developing and testing OpenPGP plugins for their services as part of their efforts to secure their users data. There are also several third-party OpenPGP plugins available for use today, such as Enigmail for Thunderbird, Gpg4win for Outlook, and Mailvelope for webmail.
Once your email client has been setup to work with OpenPGP, you then need to perform two simple steps:
1.) Enter your OpenPGP public key into GSatTrack for your email contact
2.) Import GSatTrack’s public key into your keyring
There are multiple ways to accomplish this depending on the client or plugin you have chosen. In this specific example, we will assume you are using Enigmail and Thunderbird.
1) Open Kleopatra (the application used to store your certificates and keys), select your certificate from the "My Certificates" list and click the "Export Certificates" button.
Save the .asc file and then open it with a text editor, such as notepad.
2) Enter the contents of the .asc file into the “OpenPGP Public Key” field of the email contact on GSatTrack, found under Alerts > Contacts:
3) On that same page, you’ll see the link to “Download portal OpenPGP Public Key”. Click that link to download GSatTrack’s public key.
4) Import the certificate into Kleopatra using the “Import Certificates” button.
5) Now emails sent from GSatTrack will be encrypted and viewing them from Thunderbird will require your password to decrypt them, ensuring complete security.
Before decryption:
After decryption:
While end-to-end encryption of email can currently be somewhat tedious to setup, the security advantages it provides are well worth the initial effort. And with all major email providers committing to the OpenPGP standard, and more intuitive and accessible email encryption in general, GSatTrack is ready to help you keep your tracking data secure.
If you need help in setting up encryption for your tracking account, simply contact us.