Solved

Email Encryption Vendors

Posted on 2014-02-25
2
461 Views
Last Modified: 2014-02-26
Hi -

I already have a spam email system (websense) in place. I'd like to add email encryption, but beyond TLS. I want something that notifies the 3rd party they have a secure email waiting and somehow securely delivers the message.

What are your recommendations?

Basic Facts:

100~ users
Exchange 2010 with DAG
Mixed environment OWA, Outlook 2003-2013.
Email Filter Websense at each Exchange location

Thanks
0
Comment
Question by:First Last
2 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 39887218
Depends on what you want to do with it I guess. I am assuming you don't want to create your own system :)

What you are describing is usually called "oracle based encryption" (despite Oracle not being a company that offer it :)

What usually happens with such solutions is this.
1) the message is encrypted to a session key (this is common across almost all solutions, including pgp and s/mime, so no surprises there)
2) the session key is sent securely to a key oracle (in some solutions, it is generated at the key oracle and sent to the encryption software, but the difference is marginal; in any case, it is encrypted with a unique key, owned by the recipient, on the key oracle server. This key need not exist before a given recipient is messaged, but won't then be protected until the recipient has set a password)
3) the message is sent either to the intended recipient, or to a storage server (systems vary, but to the intended recipient is most common)
4) the message contains a reference url to the key oracle's website where the recipient must log in (creating an account if they don't have one)
5) once the recipient logs in, their password is used to decrypt their secret key, which decrypts the session key, which can then be used to decrypt the message and display it via the website.
6) the recipient may read and optionally securely reply to the mail using what amounts to a webmail like interface.

Providers of such a service include:
Cisco (CRES, requires an "Ironport" email security appliance)
Microsoft (Exchange Hosted Encryption, requires their "forefront" cloud-hosted email scanning package)
PGP Inc (universal gateway; one of the few solutions where the mail is held in your own appliance for increased security/resistance to NSA style attacks)
ZixCorp - offer both appliance based and purely software based solutions.
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 39889031
This is exactly what I was looking to obtain! Thank you for the knowledge.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange server communication paths 2 33
exchange power shell 17 69
Exchange 2016 install error 9 55
exchange 2013 ecp no longer works 2 22
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now