ExchangeDefender Corporate Encryption
What do all the cloud storage products you have heard of have in common? None of them are built for business. Look no further, ExchangeDefender Corporate Encyrption is built with business in mind!
In business you need to know that your data is secure, you need to know where it is stored, how it is protected and you need the people you can count on to help you with backups, regulatory compliance, data leakage and access concerns.
ExchangeDefender Corporate Encryption provides an easy and seamless way for organizations of all sizes to implement content protection and comprehensive control over information being sent through email. Powered by ExchangeDefender, Corporate Encryption complies with the SOX, HIPAA, SEC and local government requirements for information encryption while providing powerful audit and policy wizards to meet organizations unique goals.
How It Works
ExchangeDefender Corporate Encryption can detect patterns inside of outbound email and attachments and categorize them as credit card numbers, social security numbers, dates of birth or other company-specific account numbers. Each pattern can be assigned an automatic action to be taken once the message with protected content is detected.
ExchangeDefender Corporate Encryption enables organizations to provide entire dictionaries of words that could indicate data leakage. For example, financial companies working in investments may want to intercept messages that contain words "Guaranteed Investment Returns" or "Insider Information" and assign an appropriate action to meet regulatory compliance.
Corporate Encryption Mechanisms
Pattern detection and lexicons provide only for the piece of the encryption puzzle - automating response to potential loss of corporate data is crucial to operational efficiency. Emails that contain sensitive information can be encrypted and sent to the recipient with the username and a password or can be simply emailed with a link to the encrypted message. For additional security, messages can also be forwarded transparently to the Corporate Compliance Officer (CO) who can review the message and then allow it to be sent or block it outright.
ExchangeDefender Corporate Encryption delivers sophisticated reporting both on the activity of the users and the compliance officer. You can see at a glance which content is protected as well as which messages have triggered compliance and encryption activity. By reviewing this information you can be assured that any suspicious activity is quickly addressed and that you can respond to inquiries about your regulatory compliance on demand.
Encryption Terminology & Implementation
ExchangeDefender Corporate Encryption involves multiple systems to encrypt the message contents and notifications generated by the system.
Managed Web Encryption
Pattern Matching, Processing Order, & Delivery Routing
ExchangeDefender Corporate Encryption message scanning is implemented in the following order:
To improve processing performance and reduce delivery delays, because every single message has to be scanned for potentially sensitive information, ExchangeDefender will encrypt the message using the first pattern it encounters.
If no sensitive information is found in the email, the routing and delivery take place.
If sensitive information is found in the message, the system can take multiple actions as defined initially by the client and the Service Provider.
ExchangeDefender web service is encrypted and message processing of encryption notifications typically takes about one (1) minute.
ExchangeDefender Corporate Encryption provides two types of reciepient experiences that can be controlled by the client as business requirements dictate.
For the ultimate level of protection, ExchangeDefender recommends using Encrypt as the protocol to deliver the message. It assures that the message is only seen by the intended recipient and it cannot be compromised by a hacker or a virus or hacked firewall that may be able to steal information from the recipient's PC. If the information being transferred is sensitive, it should be protected.
For practical purposes, ExchangeDefender provides ClearEncrypt as the protocol to deliver messages that do not need the ultimate level of security. Some large organizations also may have employee contracts or corporate policies in place that prohibit employees from providing any personal information to third party websites (such as signing up for services, etc.) While the message transferred through ClearEncrypt is encrypted throughout the process and is never seen in plain text, the link in the email can be accessed by anyone who has access to the recipient's mailbox. For example, if the recipient has their email automatically downloaded to their smartphone or tablet or laptop and those devices are compromised or lost, third parties may be able to retrieve the message.