I’ve written before about an enterprise level secure email facility called MKryptor by Fresh Skies, but I’ve also been researching a few other options that are starting to arrive on the scene. One such option is Lockify. Where MKryptor relies on a server based installation and delivers an encrypted email in PDF or ZIP format to your recipient, Lockify is cloud-based, and the email recipient is directed online to get their emails.
I’m currently testing a beta which includes the ability to add attachments, much as does MKryptor. You also have an option to install a Google Chrome app or extension. Once registered on the website, you can then either use the app, extension or website to create your email. Both methods are similar in function, although the app is slightly more slick, and immediately available on your PC. The website is compatible with a wide range of browsers, both desktop and mobile, and even IE 8, although they recommend installing Chrome Frame, as would I if you insist on using Internet Explorer.
The premise is simple, be it on the web or app. Enter your text in the main body of the screen and drag any files you want to send (up to a certain size) onto the page. Once you’ve clicked on the Start Encrypting button, any files are uploaded and the whole message is encrypted.
Once your email is encrypted, you can then configure how often the Lockify Link can be viewed, and when it expires, adding an extra layer of security. You can also allow the recipient to expire the link once they’ve viewed it, making it even more difficult for people to try and intercept the message. On top of that, you are asked to provide at least one question, with a maximum of five acceptable answers, that your recipient must answer before they can open the encrypted mail.
Set those options, and then you are provided with a link and an option to send instructions. It couldn’t be more simple after that: send an email to your recipient with the link details, and then all they need to do is click on the link and answer the question you have set for them. Lockify also supports OpenSSL, so the message can be decrypted locally on your machine, should you so wish.
If successful, the message is decrypted, but cleverly blurred so that passers by can’t look over your shoulder, allowing you to read it at your leisure.
One concern I have had, is that Lockify and its servers are based in the US. Given the recent revelations over PRISM (and Tempora in the UK), and the difference in data protection laws between the EU and the US, I’d be reticent to use anything that stores such information on a US server. I’ve had a quick email conversation with the CEO, Jack Templin, who has told me that they are developing a strategy for compliance with various data protection laws, and the website does clearly state that Lockify have no way of accessing the data – if you don’t know the password, then you won’t be able to access the data. Tellingly though, he did say that they need to see whether them not holding the plain text or the key to the data actually causes them to fall foul of any regulations.
Overall, it’s a great idea, and extremely simple to use. It’s certainly not in the same league as MKryptor, which is geared towards the corporate market, and allows for automated mailing, or simple emailing without having to configure a PGP key at either end of the email conversation. However, it’s ideally suited for the odd email that you might want to send in a more secure manner than normal, and doesn’t need any real technical knowledge to implement. Lockify is something I would look at for those occasions when I do need to send a secure email, although I would like to see the data protection issues clearly addressed. Who knows: plugins for popular email clients might also be something that Lockify can look at.