Simply Send Secure Emails
Interview with Günter Esch, Managing Director of SEPPmail Deutschland GmbH
When SEPPmail's solution for secure email communication was developed 25 years ago, no one thought of a long-term business model: the major players would soon elevate encrypted mail traffic to a standard. How wrong they were: In the interview, Managing Director Günter Esch revealed how the company today supports doctors' offices, tax advisors, and craft businesses in secure digital correspondence.
Wirtschaftsforum: Mr. Esch, SEPPmail has been striving to create trust in email communication for 25 years now – what prompted the founding of your company?
Günter Esch: Our founder Stefan Klein was initially responsible for IT at a law firm, and one of the clients insisted on communicating with his legal counsel exclusively through encrypted means. However, teaching the lawyers there how to correctly use a PGP key did not seem to be the optimal way. Four months later, the first prototype for a targeted solution was developed – at that time, no one thought about a sustainable business case. In no more than three or four years – it was quite confidently assumed – the encryption of all emails would eventually become standard; the major players would take care of that. 25 years and many iterative developments later, SEPPmail has grown much larger than anyone could have possibly imagined at that time.
Wirtschaftsforum: How exactly does your solution work?
Günter Esch: Essentially, there are two interlocking technical approaches to secure emails: One of these aspects involves digital signatures – if it arrives intact at the external recipient, it proves that the content has not been altered and that the sender listed is indeed the actual sender. Although this technique is fundamentally quite simple, despite increasing resonance in recent years, it has still not become universally established. Such a signature also includes a corresponding certificate, issued by a so-called Certificate Authority, which in turn involves a public and a private key. The public key is sent along with the respective email to the recipient – you can think of it like an open padlock. If the recipient responds to this email, they can metaphorically close this padlock – and only the original sender can ultimately open the response with the private key. This asymmetric encryption solution remains the core of our capabilities to this day.
Wirtschaftsforum: And beyond?
Günter Esch: Essentially, we always aim to select the optimal encryption method for the specific application field of our customer – this could also involve spontaneous encryption: If one wants to communicate securely with a recipient, one can simply send an email with a corresponding attachment, which the recipient then opens and goes through a short registration process. Subsequently, they can access the email contents independently of the key. This already shows: SEPPmail has tirelessly worked for 25 years to provide security through encryption as simply as possible – because a cybersecurity solution that is not easy and accessible is not fit for a security concept at all. Our user only needs to state that the respective email is confidential, and our system takes care of the rest in the background. Moreover, we provide a highly professional email filter that sits at the gateway of the respective organization, where it already sorts out spam and malware. We also heavily rely on local knowledge: For example, there was a recent increase in attacks from Morocco, where fake applications for nurses were sent in perfect German to smuggle individuals into the country. For securely sending large files, we also offer our own solution – as emails usually have quite strict size limitations.
Wirtschaftsforum: Has the topic of cybersecurity become more prominent on your clients' agendas recently?
Günter Esch: When I started my work at SEPPmail in 2011, hardly anyone was interested in secure email communication. Interest only gradually increased after Edward Snowden's revelations made it clear who was reading along, and the enactment of GDPR in 2018 gave implementation a further boost. The damages from cybercrime, which tragically affect the German middle class year after year in the billions, are now noticeably driving demand – because sustainable and cost-effective protection is possible! Since we started offering our service as a cloud solution, the entry barriers have dropped even further, so that SEPPmail can now support customers in a wide range of industries: From small roofing companies to law firms, clinics, medical practices, banks, and insurance companies, to automotive suppliers and DATEV, which provides our solution as a service to all tax advisors in Germany. We are committed wherever secure communication is essential in everyday life.