The U.S. Department of Defense will soon start sending more secure emails.
The Defense Information Systems Agency (DISA), the body in charge of the Pentagon’s email, said it plans to enable stronger encryption on all emails by July 2018.
The agency explained its plans to move to a stronger email encryption technology in a letter to Sen. Ron Wyden, a Democrat from Oregon, this week.
The tech is called STARTTLS, a 15-year-old encryption technology that prevents people from spying on emails when they’re sent back and forth. It is widely used by businesses and major tech companies to secure communications.
In March, Wyden told DISA he was concerned that all military email systems did not use this basic security standard by default. Wyden’s office provided the letters to CNNTech.
DISA is making “architectural changes” to enable STARTTLS by default on all Defense Department emails, Major General Sarah Zabel, vice director of DISA, wrote in a letter this week.
Wyden says the move is a longtime coming, and that military members have been vulnerable to surveillance by governments and hackers.
“The Pentagon is doing the right thing by encrypting emails as they are sent to and from the military’s servers,” Wyden said in a statement to CNNTech. “This is a good step, but in my view there’s no reason it should take DOD a year to turn on this industry-standard cybersecurity technology.”
In an April letter, Zabel told Wyden’s office that the agency inspects emails for malicious software, phishing and other exploits. The DoD email spam rate is quite high — Zabel said over 85% of email traffic is rejected on a daily basis.
Many federal agencies already use the encryption protocol, including the NSA and the FBI. But outdated tech in government sectors sometimes prevents adoption of current security features.
In her letter this week, Zabel said aging technology prevents the agency from supporting the security measure by default, but the agency is working to upgrade it.