Think about all of the information contained in the emails you exchange every day. If you are concerned about sending sensitive or confidential information via email, we have good news! UW-Madison faculty, staff and researchers have free access to a UW-Madison Digital ID to encrypt and securely send emails. Digital IDs can also be used to digitally sign important electronic documents.
Please attend this one-hour brown bag session, presented in an Angry Birds motif, where we will highlight the dangers of sending unsecured email, demystify the technology used to encrypt email and digitally sign documents, and register you for an ID.
Special note to researchers: If you need to share sensitive research information with individuals from other institutions, use a UW-Madison Digital ID to secure your email.
3. Introduction
Background: Nicholas Davis
Email, the electronic postcard
Why encryption is important
S/MIME, secure email
What is a UW Digital ID
How does a UW Digital ID work
What is inside a digital ID
Where do digital IDs come from
A story of trust, based on massive payments
Digital IDs for secure email
Digital IDs for digital signing
What encrypting email looks like in practice
Interception of data in transit
How to get that important public key
4. Email, the electronic postcard
Easy
Cheap
Gets the idea across
Who can see it
What assurance do
you have of
confidentiality?
Does confidentiality
matter? Yes, no,
maybe…
5. Why Encryption is Important
Keeps private information private
HIPAA, FERPA, SOX, GLB compliance
Proprietary research
Human Resource issues
Legal Issues
PR Issues
Industrial espionage
Over-intrusive government
You never know who is
listening and watching!
6. S/MIME Industry Standard
Secure/Multipurpose Internet Mail
Extensions
The equivalent of a Kevlar envelope
for your email
Email is encrypted (wrapped up)
before sending and is secure for its
entire trip, and at its destination
Email is decrypted (unwrapped) only
by the intended recipient
7. What is a UW Digital ID
• A UW Digital ID is our branded
digital certificate
• A UW Digital ID is the electronic
identification equivalent of a
passport
• It has added benefits too
• Allows you to digitally sign email
and electronic documents
• Allows you to encrypt email for
others
• Allows you to decrypt email which
others have encrypted for you
8. How Does a Digital ID Work
Even some Angry Birds
have difficulty
understanding this!
10. Where Do Digital IDs Come From
• A certificate issuer
recognized by all
computers around
the globe
• Root certificates are
stored in the
computer’s central
certificate store
• Requires a stringent
audit and a lot of
money!
12. Using Digital IDs to Secure Email
Best use for certificates, in my opinion
Public key enables encryption and ensures that
the message can only be read by the intended
recipient
13. Digital ID Also Demonstrates…..
Proof of authorship
The contents of the message have not been
altered from their original form
This is done through the use of digital signing
14. What does it actually look like in practice?
-Sending-
15. What does it actually look like in practice
(unlocking my private key)
-receiving-
16. What does it actually look like in practice?
-receiving- (decrypted)
20. Send Me a Signed Email,
Please, I Need Your Public Key
21. Who Uses UW Digital IDs
Everyone in the Office of the Registrar
Everyone in the Office of Financial Aid
Numerous other departments around campus
Over 1300 users already
Those who want to exchange secure email with people
at other UW-System campuses
For encryption and signing of email and attached files
The entire email is encrypted, including attachments
22. How To Get a UW Digital ID
1. Go to the DoIT Tech Store
2. Tell the friendly people that you would like a UW Digital ID
3. Show them your Faculty/Staff ID card and one other form of ID
4. Go back to your office
5. Within 24 hours, you receive a registration email
6. Follow instructions
7. Click on link to download your UW Digital ID
8. Follow simple import instructions
9. Send a digitally singed email to someone, by clicking on the digitally sign button
10. Now, that person can encrypt mail to you, by clicking on the encrypt button
11. If they send you a digitally signed email, you can now encrypt for them
12. If you both send digitally signed emails, you can now encrypt for each other
13. Digital signed email must only be sent once
* If your department has multiple interested people, we can send someone to do
credentialing at your office