Some entities use third-party Web mail systems (such as those provided by Microsoft, Google, and Yahoo) as emergency or high-availability backup email systems for existing, primary systems. To do so, typically, a “mail forward” is set up in which every email sent to a user at a primary address (e.g., sent to the email address joe.miller@company.com) is also sent to a Web mail address (e.g., jmiller123@gmail.com). If the user's primary mail server (company.com in this example) fails or is otherwise not accessible, the user can continue to access his or her email via the third-party Web mail system (e.g., gmail.com).
Unfortunately, storing sensitive emails outside the security and trust boundary of a corporate or similar email server can introduce risk. For example, some Web mail providers search and data-mine email contents to serve targeted advertising. When the email content comprises simple messages pertaining to greetings and online shopping receipts, this behavior may be benign and even possibly desirable. However, if the email content comprises trade secrets, confidential business intelligence, or other sensitive information, a problem arises. As but one example, employees at the Web mail provider may trade stocks opportunistically based on insider information gleaned from the Web mail email copies. As another example, employees at the Web mail provider may forward the email copies to third parties without the permission of the user whose email is copied to the Web mail provider.
One way to prevent unauthorized access to the contents (or attachments) of emails stored and served by a Web mail provider is to encrypt the emails before they are transmitted from the primary server to the Web mail system. Unfortunately, additional problems arise. As one example, the Web mail provider's native search tools will not be usable because the Web mail's search engine cannot build a meaningful index of encrypted data.
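The search problem described above can be reproduced with a small provider-side inverted index. This is an added example, not part of the original text: the function names, the sample messages, and the stand-in cipher (HMAC-SHA256 used as a keystream, chosen only so the code runs with the standard library) are all assumptions.

```python
import base64, hashlib, hmac, os, re
from collections import defaultdict

def keystream_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in cipher (assumption): HMAC-SHA256 in counter mode with a random nonce.
    Illustration only; a real gateway would use a vetted AEAD cipher."""
    nonce = os.urandom(16)
    stream, counter = b"", 0
    while len(stream) < len(plaintext):
        block = hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256)
        stream += block.digest()
        counter += 1
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))

def forward_encrypted(key: bytes, body: str) -> str:
    """Body as the primary server would hand it to the Web mail system."""
    return base64.b64encode(keystream_encrypt(key, body.encode())).decode()

def build_index(mailbox: dict) -> dict:
    """Provider-side inverted index: lowercase word -> set of message ids."""
    index = defaultdict(set)
    for msg_id, body in mailbox.items():
        for token in re.findall(r"[a-z0-9]+", body.lower()):
            index[token].add(msg_id)
    return index

def search(index: dict, term: str) -> list:
    return sorted(index.get(term.lower(), set()))

# Constructed sample messages (not from the original text)
MESSAGES = {1: "Draft merger terms attached for review", 2: "Lunch on Friday?"}
KEY = os.urandom(32)  # held by the primary server, never by the provider

def demo():
    plain_index = build_index(MESSAGES)
    enc_mailbox = {i: forward_encrypted(KEY, b) for i, b in MESSAGES.items()}
    enc_index = build_index(enc_mailbox)
    # Encrypting the query does not help either: a fresh nonce gives a
    # different ciphertext on every call, so it matches no stored body.
    enc_query = forward_encrypted(KEY, "merger")
    query_matches = any(enc_query in body for body in enc_mailbox.values())
    return search(plain_index, "merger"), search(enc_index, "merger"), query_matches

if __name__ == "__main__":
    print(demo())
```

The index over the encrypted mailbox still gets built, but its terms are fragments of base64 ciphertext, so no word a user would type ever matches.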