COCO3515
asked on
Looking for an Encrypted Mail solution.
We've recently received a number of emails that requires us to securely login and retrieve emails
at the sending organization/company’s mail system, due to sensitive data.
We would also like to implement a secure email system like theirs for transmitting sensitive documents
and I'm not sure whether we need to sign up for a Service or need a special purpose mail Appliance.
Our emails are not in the cloud. They are hosted onsite using Exchange and an Antispam appliance.
Thank you!
at the sending organization/company’s mail system, due to sensitive data.
We would also like to implement a secure email system like theirs for transmitting sensitive documents
and I'm not sure whether we need to sign up for a Service or need a special purpose mail Appliance.
Our emails are not in the cloud. They are hosted onsite using Exchange and an Antispam appliance.
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
We have used Greenview data for 5 years without any major issue. I like the back-end encryption implementation style with no end user implementation and price the most. The support is solid and USA based. Zixcorp.com (a large enterprise encryption company) purchased them in 2018.
https://www.greenviewdata.com/email-encryption/
Large enterprise:
https://www.zixcorp.com
https://www.greenviewdata.com/email-encryption/
Large enterprise:
https://www.zixcorp.com
Most of my client uses Voltage for sensitive mails. Check this:
https://www.microfocus.com/en-us/products/email-encryption-security/overview
Apart from above, you can also implement DLP solution. One of client uses combination of DLP and Voltage. If DLP detects mail as sensitive, it sends that mail to Voltage for encryption. It works like this:
User send an email>Exchange forward to DLP using custom DLP agent>DLP Scans the mail and determine, if mail need to be encrypted or not>If no encryption required, it sends back to Exchange and Exchange relays. Else it send it to Voltage for encryption.
Bit complicated design, but it works well.
https://www.microfocus.com/en-us/products/email-encryption-security/overview
Apart from above, you can also implement DLP solution. One of client uses combination of DLP and Voltage. If DLP detects mail as sensitive, it sends that mail to Voltage for encryption. It works like this:
User send an email>Exchange forward to DLP using custom DLP agent>DLP Scans the mail and determine, if mail need to be encrypted or not>If no encryption required, it sends back to Exchange and Exchange relays. Else it send it to Voltage for encryption.
Bit complicated design, but it works well.
I forgot to mention that the Greenview product encrypts everything/all outbound emails regardless of any specific attribute or trigger. Another plus is the end users do not notice anything and do not have to hit any Outlook/email client button to encrypt, which most forget anyway.
2) at the sending organization/company’s mail system - This doesn't really make sense.
If a company sends email to you, then you have control over POP/IMAP + also mail submission, so you'd have to force only allowing submission via opportunistic TLS. Likely you'd do this for a set of users like...
Open in new window
If you mean you'd actually like to read secure email from someone else's system, then they will have to setup SSL wrapped POP or IMAP + provide you with a login.
3) By sending secure email, I'm guessing you mean encrypted email.
This is very complex + requires both parties to email agree upon an encryption strategy + then shared their public (decryption) keys with each other.