Solved

Email Encryption Vendors

Posted on 2014-02-25
2
468 Views
Last Modified: 2014-02-26
Hi -

I already have a spam email system (websense) in place. I'd like to add email encryption, but beyond TLS. I want something that notifies the 3rd party they have a secure email waiting and somehow securely delivers the message.

What are your recommendations?

Basic Facts:

100~ users
Exchange 2010 with DAG
Mixed environment OWA, Outlook 2003-2013.
Email Filter Websense at each Exchange location

Thanks
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 39887218
Depends on what you want to do with it I guess. I am assuming you don't want to create your own system :)

What you are describing is usually called "oracle based encryption" (despite Oracle not being a company that offer it :)

What usually happens with such solutions is this.
1) the message is encrypted to a session key (this is common across almost all solutions, including pgp and s/mime, so no surprises there)
2) the session key is sent securely to a key oracle (in some solutions, it is generated at the key oracle and sent to the encryption software, but the difference is marginal; in any case, it is encrypted with a unique key, owned by the recipient, on the key oracle server. This key need not exist before a given recipient is messaged, but won't then be protected until the recipient has set a password)
3) the message is sent either to the intended recipient, or to a storage server (systems vary, but to the intended recipient is most common)
4) the message contains a reference url to the key oracle's website where the recipient must log in (creating an account if they don't have one)
5) once the recipient logs in, their password is used to decrypt their secret key, which decrypts the session key, which can then be used to decrypt the message and display it via the website.
6) the recipient may read and optionally securely reply to the mail using what amounts to a webmail like interface.

Providers of such a service include:
Cisco (CRES, requires an "Ironport" email security appliance)
Microsoft (Exchange Hosted Encryption, requires their "forefront" cloud-hosted email scanning package)
PGP Inc (universal gateway; one of the few solutions where the mail is held in your own appliance for increased security/resistance to NSA style attacks)
ZixCorp - offer both appliance based and purely software based solutions.
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 39889031
This is exactly what I was looking to obtain! Thank you for the knowledge.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data‚Ķ
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates‚Ķ

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question