dowhatyoudo22
asked on
Secure/Encrypted Emails in Outlook/Exchange 2010
Looking for suggestions on securing/encrypting emails in my outlook/exchange 2010 environment. I want a user friendly way for my users to be able to selectively send secure email to users external users.
I currently have a hosted email filtering solution in place and does provide this capability but it would require some changes that we are not ready to make.
I'm looking for alternative solutions that would provide this functionality.
I currently have a hosted email filtering solution in place and does provide this capability but it would require some changes that we are not ready to make.
I'm looking for alternative solutions that would provide this functionality.
ASKER
This reads like every individual user would have to get a certificate and every recipient would also require a certificate. Is that correct or am I missing something. Also is it possible to for me to just get one certificate and then issue that certificate to each user that requests it for email encryption?
Yes, every user would need a certificate. They send it to the recipient before they send an encrypted message. I do not have any experience with global certificates. Sorry.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Microsoft have a standalone encrypted mail solution as well.
What this allows you to do is specify (usually via a word in the subject line) that the email needs to be secure. The recipient then gets an email to say that there is an email waiting and a link to go to. They can then read the email on a web page that Microsoft have provided.
Otherwise it is the certificate route, which I find that unless a user will be fired for not using it, or works in an environment where security is second nature, they aren't used.
Simon.
What this allows you to do is specify (usually via a word in the subject line) that the email needs to be secure. The recipient then gets an email to say that there is an email waiting and a link to go to. They can then read the email on a web page that Microsoft have provided.
Otherwise it is the certificate route, which I find that unless a user will be fired for not using it, or works in an environment where security is second nature, they aren't used.
Simon.
I wasn't aware MS had a standalone version - I have only seen Microsoft EHE; do you have a link to the standalone version?
Just to confirm - it is still a hosted solution, but doesn't require the use of Office365 - that is what I meant. They don't have something that you can install locally.
Simon.
Simon.
Ok, don't recall mentioning O365 - which is a horrible solution anyhow. Real downside of any hosted solution via MS is that you are by default sharing with the American government, and given *all* the major players in this field are American based, none of them are really much better for that. PGP universal IS an on-premise server, which is one improvement, but I would still not trust it not to be compromised.
I keep telling myself that one of these days I must get around to writing an open source, locally hosted solution, but there are a few impediments - firstly, who is going to trust a solution randomly posted to sourceforge, and second, one of the strengths of going with the commercial providers is that you only have to sign up once, and can then receive from and reply to anyone who is a customer of that vendor, rather than having to do it once per correspondent - if you are doing that, you might as well just post the stuff via Drupal and save all the effort :)
I keep telling myself that one of these days I must get around to writing an open source, locally hosted solution, but there are a few impediments - firstly, who is going to trust a solution randomly posted to sourceforge, and second, one of the strengths of going with the commercial providers is that you only have to sign up once, and can then receive from and reply to anyone who is a customer of that vendor, rather than having to do it once per correspondent - if you are doing that, you might as well just post the stuff via Drupal and save all the effort :)
ASKER
Thanks for all the insight. It is all pretty useful information. So what I gather is that my only options are:
- option #1: use a hosted solution. Which I already have in place. I just need to configure my environment to make use of its capabilities
- option #2: use a certificate. Which will require the purchasing of said certificate from a trusted third party for each individual user. Or use one trusted third party certificate and attempt use it for each individual user.
- option #3: obtain an appliance of some sort.
Am I missing anything?
- option #1: use a hosted solution. Which I already have in place. I just need to configure my environment to make use of its capabilities
- option #2: use a certificate. Which will require the purchasing of said certificate from a trusted third party for each individual user. Or use one trusted third party certificate and attempt use it for each individual user.
- option #3: obtain an appliance of some sort.
Am I missing anything?
only that for option #2 you can issue your own certificates, and then relying parties have to explicitly trust them (instead of relying on paid for certs, which are increasingly untrustworthy anyhow :)
http://office.microsoft.com/en-us/outlook-help/encrypt-email-messages-HP010355559.aspx
Then visit www.Comodo.com for a free certificate...
Good luck!