Moving encryption to the enterprise edge involves trade-offs

The Energy Department is adopting a cloud-based appliance to handle encryption of unclassified e-mail, taking the processing of encryption off the desktop and easing the department’s burden of handling digital certificates. But, “it’s not a good solution for everybody,” said Michele J. Thomas, the Energy Department’s PKI program manager.

As with any other tool, there are tradeoffs, the first of which is cost for acquiring and maintaining the appliance. “Some agencies might not have the resources to do it,” she said. “That can be a substantial consideration, with budget cuts.”

DOE is using the Entelligence Messaging Server from Entrust, an appliance that sits with the e-mail server and encrypts outgoing e-mail at the edge of the enterprise, whether it is being sent from a desktop or mobile device in the field. Thomas called the adoption of EMS a cost-effective alternative for DOE to manage its own digital certificates. But she said a department or agency must have a bona fide business case for bringing a new piece of equipment into the enterprise.

The evolution of the Personal Identity Verification card, which includes digital certificates for authentication, encryption and digital signing, along with infrastructures such as the Federal PKI Bridge that can leverage trusted certificates from other organizations, can make it easier to enable secure communications without a boundary encryption tool. But neither of these is fully mature.

The move away from static desktops to a more mobile environment in which workers use personal devices to access resources can muddle the picture, making a new appliance a more attractive alternative.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.