ExchangeDefender: Encryption

Transparent SMTP Email Encryption

ExchangeDefender Encryption provides a transparent SMTP encryption that enables businesses to send policy-based and on-demand encrypted email without requiring additional software installation for the sender and the recipient. By offering a free and transparent encryption mechanism, ExchangeDefender Encryption enables businesses to quickly comply with SOX, HIPAA, SEC and local government requirements for personal information encryption. By making it easy for both the sender and the recipient to communicate securely, ExchangeDefender Encryption extends the business security beyond usual technical constraints.


Highlights:

  • Policy-based encryption rules to mandate encryption to/from email addresses and domains.
  • No software to install and configure, fully transparent process to the sender.
  • Standards based TLS/SSL SMTP combined with 128bit SSL encrypted web application.
  • On-demand encryption for instant encryption without policy rule management.

What does it look like?


How Does it Work?


Easy to Set-up and Use


Create Policies
You can create Encryption policies at https://admin.exchangedefender.com for emails that will be encrypted everytime that an email is sent or received.

On-Demand Encryption
You can instantly encrypt a message by using our "On-Demand Encryption" method by simply typing [ENCRYPT] or [CLEARENCRYPT] into the subject line.

Message Retrieval
Once a message is sent, the recipient will receive a URL to "pick up" or retrieve their encrypted message.


Policy Controlled Encryption Rules

ExchangeDefender Encryption provides a policy-based transparent SMTP encryption - automatically encrypting mail sent from specific senders to specific recipients. By defining senders and recipients email addresses, companies can be assured that all communication sent between the two parties is always encrypted using a 128bit SSL certificate.


On-Demand Encryption

ExchangeDefender Encryption understands that most of the email we send doesn't contain private or personal information data that needs to be encrypted. Sometimes we do exchange NDA documents, quotes or information that is privileged and should not fall into the wrong hands - but creating a complex encryption policy every time and managing it can be tiresome. To address this problem, ExchangeDefender Encryption offers on-demand encryption - you can selectively encrypt a message just by placing the word [ENCRYPT] in the subject.


Registration Free Message Retrieval

Another new feature in ExchangeDefender 7 is our registration -free message retrieval. In addition to our on-demand Encryption tag [ENCRYPT] we've added [CLEARENCRYPT]. This new tag enforces the same 128bit SSL encryption to view sent messages without the registration process. This feature was designed for increased ease of use by the message recipient.


Security Processes, Protocols and Implementation

ExchangeDefender Encryption makes sure that message never goes over the wire in clear text. Email sent from your mail server to our outbound ExchangeDefender network is encrypted using the SMTP SSL/TLS connection, making it impossible for "man-in-the-middle" attacks that "sniff" the connection and look at its contents. Because we cannot enforce this level of encrypted connectivity with every recipient, ExchangeDefender keeps encrypted messages in a secure database and only sends the recipient and invitation to retrieve the file over the encrypted SSL connection. By clicking on the link in the invitation email, users browser is sent to our enrollment site which asks them for personal information and establishes a password and PIN protected credentials so only the user with that email address can access the content.

Our standard (non CLEAR) ExchangeDefender Encryption mechanism makes it difficult to impossible for a "man-in-the-middle" to obtain the email because the actual contents are never transferred over a plain or unencrypted connection. ExchangeDefender Encryption site is only accessible by the recipients who established a password an a PIN, making it impossible for the recipients IT staff to browse through the items as the Administrator. Finally, the enrollment mechanism prevents the users from enrolling into the system before receiving an invitation that is triggered by an encrypted message - there is no pre-enrollment, no ability to resend the password or an easy way to get in through "social engineering."

Finally, all access is logged and can be audited on demand by the sender and business management. If the content were to fall into the wrong hands through in any way, their access would still be logged, making it easy for law enforcement to prosecute.



Encryption Video

To correctly setup Encryption please refer to this Training Video.
Click Here.