What do all the cloud storage products have in common? None of them are built for business. Look no further, ExchangeDefender Corporate Encyrption is built with business in mind!
In business you need to know your data is secure, where it is stored, and how it is protected.
ExchangeDefender Corporate Encryption provides an easy and seamless way for organizations of all sizes to implement content protection and comprehensive control over information being sent through email. Powered by ExchangeDefender, Corporate Encryption complies with the SOX, HIPAA, SEC and local government requirements for information encryption while providing powerful audit and policy wizards to meet organizations unique goals.
ExchangeDefender Corporate Encryption can detect patterns inside of outbound email and attachments and categorize them as credit card numbers, social security numbers, dates of birth or other company-specific account numbers. Each pattern can be assigned an automatic action to be taken once the message with protected content is detected.
ExchangeDefender Corporate Encryption enables organizations to provide entire dictionaries of words that could indicate unauthorized transmission. For example, financial companies working in investments may want to intercept messages that contain words "Guaranteed Investment Returns" or "Insider Information" and assign an appropriate action to meet regulatory compliance.
Pattern detection and lexicons provide only for a piece of the encryption puzzle - automating response to potential loss of corporate data is crucial to operational efficiency. Emails that contain sensitive information can be encrypted and sent to the recipient with the username and a password or can be simply emailed with a link to the encrypted message. For additional security, messages can also be forwarded transparently to the Corporate Compliance Officer (CO) who can review the message and then allow it to be sent or block it outright.
ExchangeDefender Corporate Encryption delivers sophisticated reporting both on the activity of the users and the Compliance Officer. You can see at a glance which content is protected as well as which messages have triggered compliance and encryption activity. By reviewing this in formation you can be assured that any suspicious activity is quickly addressed, respond to any suspicious activity, and quickly respond to regulatory compliance inquiries.
ExchangeDefender Corporate Encryption involves multiple systems to encrypt the message contents and notifications generated by the system.
ExchangeDefender uses SSL/TLS encryption of the SMTP communication between the client's email server and the ExchangeDefender network. All traffic is automatically encrypted using the same level of security that is used with online shopping, banking, etc.
ExchangeDefender web servers are encrypted using commercial SSL certificates. Client configuration, email review, message retrieval and all services provided through ExchangeDefender websites are automatically encrypted and cannot be accessed through a plain-text process that bypasses encryption.
ExchangeDefender web servers, email servers, and routing hubs secure all client data through multiple layers of security including:
Complex account and login restrictions
Remote access restricted to ExchangeDefender NOC IP address space
All remote access sessions are recorded and authenticated
Administrators do not have access to client message data or configuration information
ExchangeDefender Corporate Encryption message scanning is implemented in the following order:
[01] Check email subject for on demand encryption keywords [ENCRYPT] or [CLEARENCRYPT]
[02] Check for keywords or strings
[03] Check for text & number patterns (account numbers, date of birth)
[04] Check for Social Security Number patterns
[05] Check for Credit Card numbers
Message will be stored on the ExchangeDefender network and the recipient will be notified via email that they have received an encrypted message. The recipient will be provided a secure link to access the ExchangeDefender system, enroll in the service or login to retrieve the message.
Message will be stored on the ExchangeDefender network and the recipient will be notified via email that they have received an encrypted message. The recipient will be provided a secure link to access the ExchangeDefender system which will present the message.
Message will be stored on the ExchangeDefender network and the administrator will be notified via email that a message containing sensitive information has been intercepted. The administrator will be provided a secure link to access the ExchangeDefender system where they can review the message, destroy the message, send the message as plain text, return the message to the sender, or deliver the message as Encrypted or ClearEncrypted.
ExchangeDefender Corporate Encryption provides two types of reciepient experiences that can be controlled by the client as business requirements dictate.
Encryption provides for the best level of message protection because it established authentication on top of encryption and cannot be bypassed by the administrator or man-in-the-middle attacks. When a recipient receives the first encrypted message from ExchangeDefender they are prompted to enroll in the service and provide their name, address, password, and PIN. While the recipient can always retrieve their password reminder, their 4-digit PIN can never be reset. This assures that only the recipient can retrieve the message.
Encryption provides for the casual level of encryption that technically never transfers message contents via plain text. The recipient is not required to enroll, provide a password, PIN, or other information.
