• Status: Solved

Ultra Secure E-Mail solution for Medical Examiner to send and receive mail.

Are there any 3rd party, or web based vendors that provide ultra secure, two factor, insane encryption that can be purchased on a monthly or yearly plan? And they (Medical Examiner and Forensic Pathologist) want to pass photos and documents securely also. Due to the nature of the content and the liability involved I cannot find a solution that they might consider.
1 Solution
gmail :D
The main issue is that you must ensure that the sensitive documents never leave your company's hands. The moment it goes out onto the internet, it can be tracked, spied upon, stored by third parties etc.

This means you have to adhere to several paranoia rules:

1) Your server must route the mail. It may NOT use an external SMTP Server like your ISP or Web Hosting provider's SMTP Servers.

2) The message itself must be stored on your own server. It CANNOT be stored on a third party email provider's server like Gmail or Hotmail.

3) You must enforce that all access to the mail is done in a secure manner, this means enforcing HTTPS encryption when accessing the mail via webmail, and NOT allowing users to download a cached copy of mail onto their computers since it becomes a liability as soon as it leaves your server. This means IMAP and POP3 are out.

4) Smartphone access to mail must be protected with a PIN code so that if they get lost or stolen the data is safe.

If the ONLY two parties involved are the Medical Examiner and the Forensic Pathologist (e.g. they both work for the same company), then an on-premises Microsoft Exchange Server is an ideal solution:

- Mail that goes from one internal mailbox to another never leaves the server. Exchange routes it internally.

- Exchange stores the data on your on-premises server, which you control.

- Exchange by default enforces HTTPS encryption for webmail, ActiveSync and Outlook access.

- Exchange can be configured so that PIN codes on smartphones are enforced.

The catch is BOTH parties must have mailboxes internally on your Exchange server and they may not send emails to outside parties; they must understand that the email is only secure when it is sent to internal mailboxes.

The alternative solution is to have an encryption/decryption system that operates on both sides for both parties - e.g. an Outlook plugin that both parties run. The body of the message is encrypted before sending, and decrypted when it is received.

Anybody in between sees the body of the email as a bunch of gibberish. This allows you to use whatever mail servers, SMTP servers etc. you like.

I don't have a specific company or product I can recommend, but I definitely know that it exists.

A local company in my area that I went to a networking event with had a product that does pretty much what I described above, but they're a small startup and I'm not sure if that's their flagship product anymore. It might be worth giving them a call, though:

MattRichardsonAuthor Commented:
I know the Medical Examiner will attach remotely (at the hospital or public wifi) to our secure in-house web-mail and we should (according to your post) create an Account for the Forensic Pathologist, who will also likely not be on our local network. But HTTPS is forced and running via web-mail which should be good enough. We do not allow POP or IMAP currently, so I guess we should be covered. I may layer on a third party app later or some form of two factor to help.
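
The on-premises Exchange setup described in the answer above, sketched as an added example that is not part of the original thread and was not posted by any participant. It assumes Exchange 2013 or later (Exchange Management Shell); the mailbox identities, policy and rule names, and the PIN and lock-out values are hypothetical and chosen only for illustration.

```powershell
# Added example: maps the answer's rules onto Exchange settings.
# Assumed (hypothetical) names: the two mailboxes, policy names, rule name.
$mailboxes  = 'medical.examiner', 'forensic.pathologist'
$mobileName = 'ME-PIN-Required'
$owaName    = 'ME-No-Local-Copies'

# Rule 4: smartphones must have a PIN; devices that cannot enforce the
# policy are refused. Length, lock and retry values are illustrative.
New-MobileDeviceMailboxPolicy -Name $mobileName `
    -PasswordEnabled $true `
    -MinPasswordLength 6 `
    -AllowSimplePassword $false `
    -MaxInactivityTimeLock 00:05:00 `
    -MaxPasswordFailedAttempts 8 `
    -RequireDeviceEncryption $true `
    -AllowNonProvisionableDevices $false

# Rule 3: webmail may display mail, but attachments cannot be saved
# locally and the offline (cached) mode of Outlook on the web is disabled.
New-OwaMailboxPolicy -Name $owaName
Set-OwaMailboxPolicy -Identity $owaName `
    -DirectFileAccessOnPublicComputersEnabled $false `
    -DirectFileAccessOnPrivateComputersEnabled $false `
    -AllowOfflineOn NoComputers

# Rule 3 continued: POP3 and IMAP are switched off per mailbox, and both
# policies above are assigned to the two users.
foreach ($mbx in $mailboxes) {
    Set-CASMailbox -Identity $mbx `
        -PopEnabled $false -ImapEnabled $false `
        -OwaMailboxPolicy $owaName `
        -ActiveSyncMailboxPolicy $mobileName
}

# "The catch": mail from these mailboxes must stay internal, so anything
# addressed outside the organization is rejected with an explanation.
New-TransportRule -Name 'ME-Internal-Recipients-Only' `
    -From $mailboxes `
    -SentToScope NotInOrganization `
    -RejectMessageReasonText 'This mailbox may only send to internal recipients.'

# Check the result for each mailbox.
$mailboxes | ForEach-Object { Get-CASMailbox -Identity $_ } |
    Format-List Name, PopEnabled, ImapEnabled, OwaMailboxPolicy, ActiveSyncMailboxPolicy
```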

Question has a verified solution.
