Technology and Cloud-Based SaaS Overview

Secure Messaging Platform

Secure the line, not just the message. The Secure Messaging Platform takes email encryption and protected information exchange to a new level by giving professional services organizations ownership of a secure communication path from sender to recipient through their own, fully branded Secure Messaging Platform. Every message is secure, tracked and auditable which allows a User to prove who read their email and what they did with it.

The Secure Messaging Platform is a solution for organizations to gain control of information sent over email without adopting a whole new system of communication. It acts like a ‘gated email community’ available only to ‘Users’ who have been invited and completed the registration process.

Using the Secure Messaging Platform doesn’t mean replacing any technology or applications that are currently in place including email addresses and /or basic email programs. The Secure Messaging Platform acts as a secure message gateway by adding a more reliable protocol that sits on top of existing email infrastructure and introduces security, tracking, controls, large file transfers, and automated delivery features for secure messages – alongside basic email.

1. On ‘SEND’, the email program such as MS Outlook® configured with the MS Outlook® Toolbar intercepts the command and re-routes the message via HTTPS securely instead of sending the encrypted message via SMTP. At this stage, the transmission is encrypted. Once transferred securely to Secure Messaging Platform, the message content and attachments are encrypted ‘at rest’.
2. Recipients receive a message notification alerting them of a new secure message directly in their existing inbox. If the receiving Users are already enabled with the Toolbar using their email program (such as MS Outlook®), the process is seamless: the Toolbar recognizes the notification message and instantly sends a command to the Secure Messaging Platform to authenticate the User and decrypts the message and attachments. This data is then instantly transferred along with the secure message, using the same encrypted HTTPS route and the message is rendered inside the existing inbox.
3. For email programs that do not include a Secure Messaging Platform Toolbar or plug-in, a convenient link is provided within the notification message in the User’s existing inbox to access the web-enabled Secure Message Center that also supports mobile access where a secure message can be read and replied to. Users using the Chrome browser can install the Chrome Plug-in and view secure messages directly in Outlook® Web Access (OWA), Gmail, or any other webmail interfaces within the same familiar interface.

Most other encrypted email products work by encrypting the message being sent using local certificates and public/private key pairs. Aside from the impractical problems associated with setting up and maintaining these other encryption products – particularly for users outside the organization, the more critical issue is that once those secure messages leave the organization’s mail server, they are sent over an unsecured and unreliable SMTP network without any tracking or audit capabilities. Copies of email messages can be left on servers that neither the organization nor the recipients control. The messages can also easily get lost in cyberspace and never make it to their final destination.

The Secure Messaging Platform utilizes a closed-loop of secure and redundant servers for all secure communication and manages all secure messaging functions including message transport, encrypted database storage, archiving and tracking. When a User sends a secure message, a direct and secure connection is established between the sender’s email program (e.g. MS Outlook®) and the Secure Messaging Platform server. When a notification message is received, the sending or receiving User uses their existing email programs (such as. MS Outlook®, web & mobile enabled Secure Message Center, Blackberry) to directly and securely connect to the Secure Messaging Platform to decrypt and read the secure message, attachments and associated metadata contained in the patented ‘Delivery Slip’. Information exchanged securely can only be accessed by authenticated Users (email address and password, or more is required upon registration). Confidential information in secure messages can only be viewed by the Users that they are intended for.

Secure messages are stored decrypted by the local email program (such as MS Outlook®) into the traditional email server repository (e.g. MS Exchange®, Office 365®, Zimbra®) as with any other basic email messages. This means that all organizational data is stored behind the organization’s firewall and any existing archiving, indexing and e-discovery systems continue to work with secure messages, unlike with other email encryption products. Having a single, secure message repository enables the organization to facilitate email compliance standards. If at any point a User stops using the Secure Messaging Platform and uninstalls the MS Outlook® Toolbar, these decrypted secure messages will behave as any other basic email message, without the added functionality of the Secure Messaging Platform (e.g. Delivery Slip with tracking metadata, etc.). Organizational data is never lost.

Secure messages are stored encrypted using the patented Interchangeable Cryptographic Engine using AES 256-bit encryption for data-at-rest storage on the organization’s own branded Secure Messaging Platform – instead of over the internet on unprotected, public SMTP servers, such as with basic email (even if emails are encrypted). AES 256-bit is the only publicly available cipher certified for official government documents classified as ‘Top Secret’. It eliminates cross-contamination of data with our multi-tenant SaaS offering and ensures that the organization’s data is not tampered with or edited over time, and is automatically archived indefinitely.

Cloud-based SaaS Benefits & Cost

The Secure Messaging Platform is offered as a service (SaaS/Cloud On-demand). It is compatible with any email address or email server such as Microsoft Exchange® and Google Apps®, and offers a zero download approach for all sending and receiving Users. New receiving Users are automatically invited to join the Secure Messaging Platform as a ‘Guest User’. A 20-second automatic self-provisioning through the branded web & mobile enabled Secure Message Center provides Users with instant access to secure messages. Optional free self-configurable plug-ins for MS Outlook®, Windows® & Mac® Desktop Agents and native mobile apps such as the Blackberry®, increases accessibility for all Users with minimal training. Organizations can increase customer satisfaction by clearly indicating that they are protecting their customers’ information from falling into the wrong hands and providing them with a simple-to-use encrypted messaging solution that does not require them to change the way they work.

The Secure Messaging Platform was designed so that it will not conflict with other email applications, including other encryption applications. If enabled, Users are able to send basic email messages because the Secure Messaging Platform does not affect any part of existing basic email functionality. Alternatively, a special set-up through the Data Leak Prevention feature can force messages containing specific keywords to be sent securely. When a User sends a secure message, the confidential message bypasses the existing basic email workflow, and switches to using the Secure Messaging Platform workflow. It integrates at the email program level (e.g. MS Outlook®) and does not interfere with existing applications, back-up systems of firewalls; in fact, it only requires port 80 and standard SSL port 443 to function.

Delivered via the SaaS model means:

• No need to worry about hardware and upgrades costs. Everything is taken care of behind the scenes and all updates are automatically installed
• No need for large up-front capital expenditure and months of deployment time
• Corporate deployment time of less than 10 minutes, self-User set-up of less than 20 seconds
• Available around the clock anywhere in the world
• New features are automatically upgraded quarterly at no extra cost
• Data Protection with the patented Interchangeable Cryptographic Engine & Certification process that generates a unique encryption formula for an organization’s data at-rest.

Scalable & Flexible Deployment

Email Encryption Plus can be deployed by department or throughout the organization. Organizations can start their deployment with only a small workgroup and grow their usage based on their specific needs. Legal, Tax and HR departments benefit from an immediate ROI and increased productivity.

• Executives: Allows private confidential communication between the executive team, board members, and other important internal and external stakeholders
• Finance: Ensure private confidential communication with auditors, board members, counsel and other professional bodies
• Human Resources: Ensure private confidential communication internally or externally with employees, employment candidates or other professional bodies
• Marketing and Communications: Send customer newsletters, communicate special offers and important content via video messaging
• Sales Team: Guarantee confidentiality and reliable tracking of RFPs and contract submissions.

Universal Anytime Anywhere Access

The key differentiator is the seamless integration with an organization’s existing email programs and mobile phones such as MS Outlook® and MS Exchange®, Blackberry®, iPhone®, as well as external or Guest User’s individual personal email programs such as Gmail® or Yahoo®.

There are no cumbersome ‘keys’ to exchange and manage for both sending and receiving Users, allowing the organization to exchange confidential information with all stakeholders such as staff, clients and partners, in a complete secure closed-loop environment that is fully auditable. For Users not using MS Outlook®, the web and mobile enabled Secure Message Center ensures that all Users have access to secure messages seamlessly.