Private Email Network (PEN): a Controlled, Centralized Secure Messaging Platform

Secure the line, not just the message: the email2 platform takes secure messaging to a new level, giving you ownership of a secure communication path from sender to recipient through your own, fully branded Private Email Network or PEN. Every message is secure, tracked and auditable allowing you to prove who read your communication and what they did with it.

A Private E-mail Network (PEN) is a way for organizations to retain control of the information that they send over e-mail without adopting a whole new system of communication. A PEN is like a “gated e-mail community” available only to members that have been invited and completed the registration and authentication process. Using a PEN doesn’t mean that you have to replace any technology that is currently in place like your e-mail address and or e-mail programs; the email2 platform acts as a secure message gateway by bringing a more reliable protocol to your existing e-mail infrastructure (wrap-around security and productivity enhancements).

1. On ‘SEND’, the Microsoft Outlook or Lotus Notes email2 Toolbar intercepts the command and re-routes the message via HTTPS securely to the PEN instead of sending the message encrypted via SMTP. At this stage, the transmission is encrypted. Once transferred securely to the PEN, the message content and attachments are encrypted ‘at rest’.
2. The PEN then prepares a 'notification message' and sends it back to Outlook or Lotus Notes using the same route, where this notification message is sent from the client’s Outbox to the intended recipients via SMTP (optional). Click here for more information on how these message notifications are being delivered.
3. Recipients receive the notification message alerting them of a new secure email2 message. If the recipients are already enabled using Outlook or Lotus Notes, the process is seamless: the email2 Toolbar recognizes the notification message and sends a command to authenticate the member and decrypt the message and attachments, then transfers this content, along with the Delivery Slip metadata, using the same encrypted HTTPS route. For non-Outlook users, a convenient link is provided in the notification message to access the Secure Webmail or Smartphone client where they can securely read and reply to their secure messages.

Most other secure e-mail solutions available work by encrypting the message being sent using local certificates and public/private key pairs. Beyond the practical problems associated with setting up and maintaining these solutions, especially for users outside of your organization, a larger issue is that once those secure messages leave your mail server, they are sent over an unsecured and unreliable SMTP network without any tracking or audit capabilities. Copies of your messages can be left on servers that neither you nor your recipient control or they can just become lost in cyberspace.

A Private Email Network (PEN) utilizes a closed-loop of secure and redundant servers for all secure communications. The PEN manages all secure messaging functions including message transport, encrypted database storage, archiving and tracking. When a member sends a secure email2 message, a direct and secure connection is established between the sender’s client (e.g. MS Outlook) and the PEN server. When a notification message is received, the member recipient uses the same client (e.g. MS Outlook, IBM Lotus Notes, Webmail or Smartphone client) to directly and securely connect to the PEN to retrieve the message, attachments, voice and video message, and associated metadata contained in the unique email2 Delivery Slip. Information exchanged on a PEN can only be accessed by members of that same PEN with the correct credentials (e-mail address and password, or more). Confidential information in secure email2 messages can only be viewed by the members that they are intended for.

Secure email2 messages can be stored by Outlook into the traditional e-mail server repository (e.g. Exchange, Zimbra) as any other basic e-mail messages (optional, if enabled by the PEN Admin). This means that all company data is stored behind the company’s firewall and any existing archiving or indexing e-mail systems will still work with secure messages, unlike with e-mail encryption programs. Although the email2 platform creates a second data store for all your secure email2 messages, it does not create a ‘separate’ data store: when sent or retrieved, all your secure email2 messages can be stored on your e-mail server as any other basic e-mail messages, ensuring your archiving and indexing infrastructure still works. Having a single, secure message repository enables your organization to facilitate e-mail compliance standards. In the event of a local disaster, secure email2 messages are unaffected because a copy of your data can easily reside in an encrypted state on a remote server. In effect your PEN can be viewed as a full-featured disaster recovery tool for your most sensitive communications. If at any point a member stops using the PEN and uninstall the email2 Toolbar, these downloaded secure messages will behave as any other basic e-mail messages, without the added functionality of the PEN (e.g. Delivery Slip with tracking metadata, etc.). None of the company data is ever lost even if you stop using your PEN.

//Edited: December 2009