The Secure Messaging Platform allows organizations to create and deploy a Secure Messaging portal for purposes of exchanging confidential information securely. The portals or ‘customers’ are branded messaging communities that complement existing email by adding security, compliance, and productivity. They do not replace existing email servers or require changing end-users’ email addresses.
The basic premise behind the Secure Messaging Platform is its simplified approach to security that eliminates the use of key distribution systems (Public Key Infrastructure – PKI) allowing easy Cloud deployment, without sacrificing security and privacy levels expected from these types of solutions. It is designed to meet the smallest to the most demanding secure messaging requirements.
In its simplest form, it creates a ‘closed-circuit’ secure messaging portal with employee ‘opt-in’ features that only require a web browser. Optional plug-ins for Microsoft Outlook keep the user workflow unchanged. By default, all data sent and received via Microsoft Outlook is stored decrypted in the mail server, such as Exchange or Google Apps, for both sender and recipients. Messages and folders are still searchable and the archive continues to work.
The Secure Messaging Perimeter Gateway offered in the Cloud or On-premise casts a wider net for better data leakage protection. The Secure Messaging Gateway offers transparent outbound encryption and inbound decryption to all internal users, and does not require an Outlook plug-in to be installed. External guest users continue to benefit from all the same plug-ins such as Outlook and mobile apps, with the ability to store decrypted content behind their firewall in their own mail server without any special server configurations.
* Did you know? A Data Leakage Prevention (DLP) module is available for all deployments with a simple Microsoft Outlook plug-in or Perimeter Gateway, or a mix of both. It includes rule-based HIPAA, GLBA, SOX and PCI lexicons. It also supports custom lexicons, keywords, and algorithm or number patterns such as credit cards or SSNs. The Perimeter Gateway supports integration with other third-party DLP rules engines.
Opt-in Closed Circuit Cloud Secure Messaging
Hosted or On-premise Email (Microsoft Exchange, Office365, Google Apps, Zimbra, etc.)
Ideal for SMBs and departments within larger organizations, this deployment is up and running within minutes. It requires no changes to your basic email and no complex server configurations. A ‘branded’ Secure Messaging portal is created for each customer, with AES 256 bit ‘at-rest’ encryption ensuring there’s no cross-contamination of data on the multi-tenanted Cloud server.
Employees ‘opt-in’ to communicate securely with internal and external users. An optional plug-in for Microsoft Outlook (2003 – 2013), Desktop Agents for Windows and Mac, Mobile Apps for iOS and Android, and a browser extension for Google Chrome increase ease of use without requiring expensive deployments. Through this deployment, the portal doesn’t require costly server deployments and requires virtually no training. It is as easy as using the ‘Send Secure’ button in Outlook.

- The optional plug-in for Microsoft Outlook extends the functionality of the system and patented Delivery Slip without requiring any mail server modifications for both sender and recipient. By default, it stores the secure messages decrypted in the mail server, ideal for indexing, searching and e-discovery. User workflow remains practically unchanged.
- No changes are required to the user’s email address, email program or email server. Microsoft Hosted Exchange & Office365, Google Apps and Zimbra are all supported. All data can be stored decrypted in the mail server.
- All communications with the browser or Microsoft Outlook are secured with HTTPS – confidential data is never exposed to an unsecured SMTP route. On ‘SEND’, Outlook intercepts the command and re-routes the message and file attachments via HTTPS securely instead of sending the encrypted message via SMTP. At this stage, the user is authenticated and all data transfers are encrypted. Once transferred securely to the Secure Messaging Platform, the message content and file attachments are encrypted ‘at rest’ using AES 256bit. No complex keys to rotate.
- The Secure Messaging Platform Cloud servers are hosted in world-class tier-1 datacenters (OpSource in the U.S.A. and Savvis in Canada). All data in transit is secured with a minimum of 128bit SSL and 256bit AES at rest encryption. The Secure Messaging Platform servers are used as a different ‘route’ (instead of using unsecured SMTP) and do not create a separate mail store – all company data is still available behind your firewall.
- A basic email notification is sent through SMTP to notify the recipients of their new secure message. This notification contains no confidential data, no attachment. If equipped with Outlook, the notification message is sent through the sender’s outbound SMTP with all x-headers intact. Recipients equipped with the same Outlook plug-in never see this notification; instead, the secure message is automatically rendered in Outlook and stored in the mail server.
- Recipients of secure messages benefit from the same great features: the Outlook plug-in recognizes the notification message and instantly sends a command to the Secure Messaging Platform to authenticate the recipient and decrypt the message and file attachments. This data is then instantly transferred along with the secure message, using the same encrypted HTTPS route, and the message is rendered inside the existing inbox. For email programs that do not include a Secure Messaging Platform plug-in, a convenient link is provided within the notification message in the recipient’s existing inbox to access the Secure Webmail that also supports mobile, tablet and visually impaired user access. Users using the Google Chrome browser can install the extension and render secure messages directly in Outlook® Web Access (OWA), Gmail, or any other webmail service within the same familiar interface.
* Did you know? Other ‘park & pull’ products force internal and external users to a web browser to compose and read secure messages. This method creates a separate mail store. Aside from the impractical side effects to the end users, it creates a nightmare from an archiving and e-discovery perspective. To remedy this problem, the Secure Messaging Platform extends the same ‘local store’ capabilities to internal and external guest users, either with the use of the Microsoft Outlook plug-in or Perimeter Gateway.
Perimeter Gateway Cloud Secure Messaging
Hosted or On-premise Email (Microsoft Exchange, Lotus Domino, etc.)
Hosted or On-premise Perimeter Gateway
Hosted or On-premise Archive
The Secure Messaging Perimeter Gateway offered in the Cloud or On-premise casts a wider net for better data leakage protection. It supports multi-tenanted deployments for hosted email providers, as well as on-premise deployment for organizations of any size. It sits in-line between the mail server and the SMTP relay (Smart Host) and offers high availability processing. For users, this translates into transparent outbound encryption and inbound decryption, with all secure messages stored decrypted in the mail server. External guest users continue to benefit from all the same plug-ins such as Outlook and mobile apps, with the ability to store decrypted content behind their firewall in their own mail server without any special server configurations.

- User workflow remains unchanged with automatic and transparent outbound encryption, automatic user provisioning, and inbound decryption. Optional plug-ins for Microsoft Outlook continue to work and enable the display of the patented Delivery Slip.
- No changes are required to the user’s email address, email program or email server. Microsoft Hosted Exchange & Office365, Google Apps and Zimbra are all supported. All data can be stored decrypted in the mail server.
- All communications between the Perimeter Gateway and the Secure Messaging Platform are secured with HTTPS or TLS – confidential data is never exposed to an unsecured SMTP route. The Perimeter Gateway is triggered via specific Outlook commands (Send Secure button), keywords in the subject line (e.g. ‘Secure’) or more complex policies when combined with the Data Leak Prevention module. There are no complex keys to rotate in this scenario either, and full automatic internal and external user provisioning is supported.
- The Secure Messaging Platform Cloud servers are hosted in world-class tier-1 datacenters (OpSource in the U.S.A. and Savvis in Canada). All data in transit is secured with a minimum of 128bit SSL and 256bit AES at rest encryption. The Secure Messaging Platform servers are used as a different ‘route’ (instead of using unsecured SMTP) and do not create a separate mail store – all company data is still available behind your firewall.
- A basic email notification is sent through SMTP to notify the recipients of their new secure message. This notification contains no confidential data, no attachment. The notification message is sent through the sender’s outbound SMTP (Smart Host) with all x-headers intact. Recipients equipped with the Outlook plug-in never see this notification; instead, the secure message is automatically rendered in Outlook and stored in the mail server.
- Recipients of secure messages benefit from the same great features: the Outlook plug-in recognizes the notification message and instantly sends a command to the Secure Messaging Platform to authenticate the recipient and decrypt the message and file attachments. For email programs that do not include a plug-in, a convenient link is provided within the notification message in the recipient’s existing inbox to access the Secure Webmail that also supports mobile, tablet and visually impaired user access. Users using the Google Chrome browser can install the extension and render secure messages directly in Outlook® Web Access (OWA), Gmail, or any other webmail service within the same familiar interface.
- The Secure Messaging Platform offers an optional enterprise-grade Secure Messaging Gateway that provides Cloud or on-premise support for a wide variety of processing and enforcement services such as Data Leakage Prevention, automatic outbound policy-based encryption, automatic inbound message decryption, and more. The base configuration supports SMTP protocol scanning for keywords, lexicons, number patterns, x-headers and domain-based policies to encrypt or block outbound messages seamlessly (as centrally set by the group administrator). Organizations can set rules based on SSNs and credit card numbers, or on any other ‘keyword’, ‘algorithm’, email address or email domain, to automatically send messages, including file attachments, securely outside the organization. The Perimeter Gateway runs as a lightweight Windows Service and supports virtual deployments and multi-tenanted processing. It sits in line between the mail server and the smart host and uses TLS for data transmissions with the mail server, and HTTPS for data transmissions with the Secure Messaging Platform.
- The internal or hosted Smart Host continues to work independently. Notifications for secure messages are processed by the Gateway and sent out via the Smart Host like any other regular (unencrypted) message.
- Microsoft Exchange Journaling intercepts outgoing or incoming messages, and journals them to a specific archiving address. When sending a secure (encrypted) message, the actual message content is sent encrypted through the Secure Messaging Platform. Consequently, Microsoft Exchange will only journal the message notification, which does not contain confidential data. In order to complete the archiving process, the Secure Messaging Platform implements a direct method of decrypting and archiving to ensure that secure message content is archived to the third-party archiving provider. When a secure message is sent, the Secure Message archiving functionality creates a copy of the message as a basic (normal) email message, with the full message content decrypted in the body. The archiving system then adds the specified archiving mailbox as an “envelope recipient address”. The archiving system then connects to the third-party archiving SMTP server, authenticates via TLS using the mailbox user credentials, and sends this copy of the original secure message, but decrypted. The third-party archiving system then handles the message and archives it.
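
A sketch of the kind of outbound policy check the Perimeter Gateway bullets describe (subject keyword, domain-based rule, SSN and credit card number patterns), added here as an example and not the product's own code. The Luhn checksum standing in for the ‘algorithm’ rule, the regular expressions, the domain names and the reason labels are all assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Assumed policy values for this sketch; not the product's configuration.
KEYWORD_RE = re.compile(r"\bsecure\b", re.I)   # subject-line trigger
SECURE_DOMAINS = {"partner.example"}           # domain-based rule (hypothetical)
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")  # 13-19 digits, optional separators

def luhn_ok(digits):
    """Luhn checksum, used here as the 'algorithm' rule for card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def body_text(msg):
    """Concatenate every text part, so text attachments are scanned too."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def route(raw_message):
    """Return ('secure', reasons) or ('relay', []) for one outbound message."""
    msg = message_from_string(raw_message)
    reasons = []
    if KEYWORD_RE.search(msg.get("Subject", "")):
        reasons.append("subject-keyword")
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if any(addr.rpartition("@")[2].lower() in SECURE_DOMAINS for _, addr in rcpts):
        reasons.append("recipient-domain")
    text = body_text(msg)
    if SSN_RE.search(text):
        reasons.append("ssn-pattern")
    cards = (re.sub(r"\D", "", m.group()) for m in CARD_RE.finditer(text))
    if any(luhn_ok(c) for c in cards):   # digit runs failing Luhn are ignored
        reasons.append("card-number")
    return ("secure" if reasons else "relay", reasons)

# Constructed sample messages (not real traffic).
CARD_MSG = ("From: a@corp.example\nTo: b@other.example\nSubject: Invoice\n\n"
            "Card 4111 1111 1111 1111\n")
PLAIN_MSG = ("From: a@corp.example\nTo: b@other.example\nSubject: Lunch\n\n"
             "Order 1234 5678 9012 3456\n")
```

The second sample contains a 16-digit order number that fails the checksum, so it is relayed normally; a pattern-only rule without the checksum would have diverted it.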
