ctagle
asked on
How to use Outlook Email Encryption
I'm trying to see what's required to get email encryption set up in Outlook. We have a client who is a home health agency and needs to encrypt all emails coming from their Exchange 2003 server containing confidential information in order to meet HIPAA compliance and send emails to companies. We actually did get some pretty strong encryption set up through Barracuda, but this company that the client is sending emails to apparently lacks the mental capacity to log into a web portal and retrieve emails. So now I'm trying to get Outlook to encrypt emails so that they don't have to think much more past "click, open email". The thing I'm not understanding is how these digital IDs work. I was reading an article online, but it didn't tell me everything that's required for Outlook to encrypt emails. The things I'm wondering are:
Does the recipient also need to purchase a digital ID to encrypt the message? (If the answer to this question is yes, then the solution isn't viable anyway.)
Does each computer that's going to send encrypted emails have to have its own separate digital ID?
Does each recipient have to add the digital ID for each person into their contents to decrypt messages? For example, if ten people are sending encrypted emails from my client to 20 agents on the other side, does each one of the 20 agents have to go in and add all 10 digital IDs?
Also, does having Exchange affect things at all?
The client is running SBS 2003 with Exchange 2003.
Any help is greatly appreciated, any other suggestions are welcome, and if I left anything out let me know. Thanks.
Oh, and note that a correctly constructed SAN certificate can reduce the number of Digital IDs required from one per email to one per domain :)
ASKER
Thanks for all your help. Turns out in this scenario all we needed was a send connector with TLS configured and a valid SSL cert; all I needed to do was create a send connector for their domain and use our existing cert, and it was all good to go. Now if only they had told me that from the beginning......>:O
1) for a list of recipient domains, TLS is required
2) for a list of recipient domains, direct delivery is required
you can achieve a situation where mail between yourselves and an external customer is *always* sent over an encrypted channel, so additional encryption per-message is unnecessary; this may require (or at least work better) if you buy a commercial cert for your SMTP bridgehead, but that's just one cert.
note this won't work well if you "front" your mail via another provider (such as Mimecast or Symantec) for antivirus/antispam filtering.
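
A pre-flight check for the forced-TLS approach described in the comments above, as an added example that is not part of the original thread: before marking a partner domain as TLS-required with direct delivery, confirm that its mail host advertises STARTTLS and presents a certificate that validates. The host name `mx.partner.example` and the function names are hypothetical; the check is run against whatever host your server delivers to directly.

```python
import smtplib
import ssl


def check_forced_tls(host, port=25, smtp_factory=smtplib.SMTP, timeout=15):
    """Return (ok, detail): can mail to `host` be sent with TLS required?

    `smtp_factory` is injectable so the logic can be exercised offline.
    """
    # The default context verifies the certificate chain and host name.
    # Opportunistic TLS skips this; a "TLS required" policy should not.
    context = ssl.create_default_context()
    try:
        conn = smtp_factory(host, port, timeout=timeout)
    except (OSError, smtplib.SMTPException) as exc:
        return False, f"connect failed: {exc}"
    try:
        conn.ehlo()
        if not conn.has_extn("starttls"):
            return False, "server does not advertise STARTTLS"
        conn.starttls(context=context)
        conn.ehlo()  # re-issue EHLO over the encrypted channel
        return True, "STARTTLS negotiated and certificate validated"
    except ssl.SSLCertVerificationError as exc:
        return False, f"certificate rejected: {exc}"
    except (ssl.SSLError, smtplib.SMTPException, OSError) as exc:
        return False, f"TLS negotiation failed: {exc}"
    finally:
        try:
            conn.quit()
        except (smtplib.SMTPException, OSError):
            pass  # connection already gone; the result above still stands


def audit_domains(tls_required, **kwargs):
    """Map each next-hop mail host to its (ok, detail) result."""
    return {host: check_forced_tls(host, **kwargs) for host in tls_required}


if __name__ == "__main__":
    # Hypothetical partner mail host; replace with the real next hop.
    for host, (ok, detail) in audit_domains(["mx.partner.example"]).items():
        print(f"{host}: {'OK' if ok else 'FAIL'} - {detail}")
```

A host that fails this check would have its mail queue up undelivered once TLS is made mandatory for that domain, so run it before changing the connector.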