Need Outgoing Email Encryption - What's a Cost Effective Solution?

I currently work at a realty company and some of the documents we work with are sensitive, and contain social security numbers and other private data. We have been looking into solutions that can encrypt our outgoing email. I was wondering what solutions the EE team could recommend; these are what I have found. Keep in mind we are a company of 100 employees and do not need enterprise level solutions.

IronPort - very nice Cisco recommended solution, the most costly we have seen however

Postini - For $12/user/year can offer decent encryption, for an extra $35 they offer a portal that delivers the email encrypted...not sure if the latter is worth it or not...anyone know Postini?

Sendmail - second most expensive option

We are running a Smartermail Email server on a Windows based machine, and just need encryption on our sensitive documents. Keep in mind I'm looking for cost effectiveness and currently the best option we have for our 100 employees is Google Postini which with the more advanced package costs ~$5000 annually with a $1750 startup.

Does anyone have any other suggestions or solutions? That'd be great!

Postini (which is now owned by Google) is a great solution.  Not only does it do external filtering of spam and viruses, but their new encryption service is pretty strong as well.  If you can afford it, I'd go that route as it handles most email issues in a single suite.

For maximum encryption protection, check out PGP.  You can actually get free or low cost variants, depending on your needs, and it is probably the strongest email encryption that is widely available.  I run a PGP universal server between some very confidential clients and they won't even send a thank you reply without encrypting it.   I want to say we paid less than $3k for a server and 30 client version license of PGP universal.  The advantage of PGP aside from that, is that it also provides encryption of disks, documents etc. aside from email, so you can email in the clear and still provide document level protection.

That's my 2 cents.  Let me know if you have any more questions.

Postini has one serious disadvantage when it comes to encryption. They can't install 3rd party root certificates. It means that if one of the companies you are corresponding with is using Etrust or an in-house CA, Postini is not going to be able to verify other mail server certificates.

That is true.  It seems also since you specifically mentioned document encryption that PGP would be best for that role as it can encrypt whether being emailed or not.

danielevans83 (Author) Commented:
I think you may have nailed it with the PGP. I just read about it and it seems like a great solution. Only question now is what OS does it run on, and do we need EXACTLY what it says there to support the server gateway? I have something very close -
Dell PowerEdge 2900 with Dual Quad Core Xeon 2.3GHz 4GB RAM 5x250GB SATA2 HD in RAID5 with Redundant PS running Web Server 2003.
It is what is running our email server software (Smartermail). Would that work putting PGP on there and running that? If so that'd be a PERFECT solution. Even if we have to buy a new server just for PGP it still is less than 1 year of Postini subscription.

You can run it on a lot less than that actually from a hardware standpoint.  I am currently running on a 2850 with 2.0GHz and 2GB RAM and it doesn't even come close to using all of our resources in a 50 user shop.  The OS I am not sure on, we run Linux for our PGP server with the individual desktop apps running on Windows clients.  I don't know if you HAVE TO run all versions on Linux, but PGP universal (which is the most common) runs on Linux and is administered via a web browser.

If you have a small shop, and it sounds like you do, you could probably get away with running it on a recent desktop.  However, you don't necessarily have to have the actual server to use encryption. Try it with just the desktop software and build your key in the main PGP keyserver.  You should be able to encrypt/decrypt etc.  and give it a test run.

danielevans83 (Author) Commented:
So the gateway server software isn't a stand alone product? It has to be used with the desktop client?  Grr...  I knew there was a pricing catch.
We have just 100 users we need to encrypt outgoing sensitive emails on. We can use an in-house server, we have a spare older PowerEdge. If it requires the desktop client too though we might as well just use the desktop client. Would it still provide a web portal to download from if the recipient doesn't have the key or is that a feature of the gateway?

Yes, unfortunately the gateway does have to be used with the desktop client.  The gateway provides the web access portal and manages your group keys so that you can retrieve lost ones/revoke/reject etc.  It isn't needed to do the basic encryption, but provides a lot of features that most companies need or want.  The total package is still a steal compared to other email securing solutions, but there is some initial cost.
Was that what you were looking for?  Have you made a decision yet?

I've been playing with Comodo's SecureEmail application for the past couple days.  It's quite easy to use, nearly transparent, and integrates directly into Outlook, Outlook Express, and Thunderbird.

The implementation of one-time session certificates enables encryption of messages to recipients without their own certificate and without the need to exchange certificates.  The recipient can either install SecureEmail (links added to the sent message) or access the message via Comodo's secure web reader service.

Comodo SecureEmail is free for personal use, but the pro version might be a viable option for a small office needing to implement encrypted email at low cost.

Roger Wright

danielevans83 (Author) Commented:
I'm looking more for a policy-based encryption as opposed to something the users physically have to use. I can't imagine our users taking the extra step to encrypt email when we're the ones who will be legally liable if they don't. We'd rather automate this if possible.  :/
