Corporate Encryption

Pattern Matching Lexicon- Based Encryption built to more securely fill your Business's Encryption needs. Corporate Encryption is fully brandable and entirely customizable and provides rich reporting to keep track of any changes in your policy settings.

Get started

Easily send and receive encrypted messages by email, url, or sms.


Pattern-Based Encryption

ExchangeDefender Corporate Encryption can detect patterns inside of outbound email and attachments and categorize them as credit card numbers, social security numbers, dates of birth or other company-specific account numbers. Each pattern can be assigned an automatic action to be taken once the message with protected content is detected.

Protect Your Lexicon Dictionaries

ExchangeDefender Corporate Encryption enables organizations to provide entire dictionaries of words that could indicate unauthorized transmission. For example, financial companies working in investments may want to intercept messages that contain words "Guaranteed Investment Returns" or "Insider Information" and assign an appropriate action to meet regulatory compliance.

Corporate Encryption Mechanisms

Pattern detection and lexicons provide only for a piece of the encryption puzzle - automating response to potential loss of corporate data is crucial to operational efficiency. Emails that contain sensitive information can be encrypted and sent to the recipient with the username and a password or can be simply emailed with a link to the encrypted message. For additional security, messages can also be forwarded transparently to the Corporate Compliance Officer (CO) who can review the message and then allow it to be sent or block it outright.

Comprehensive Reporting

ExchangeDefender Corporate Encryption delivers sophisticated reporting both on the activity of the users and the Compliance Officer. You can see at a glance which content is protected as well as which messages have triggered compliance and encryption activity. By reviewing this in formation you can be assured that any suspicious activity is quickly addressed, respond to any suspicious activity, and quickly respond to regulatory compliance inquiries.

Privacy and Encryption Terminology & Implementation

ExchangeDefender Corporate Encryption involves multiple systems to encrypt the message contents and notifications generated by the system.

Channel Encryption

ExchangeDefender uses SSL/TLS encryption of the SMTP communication between the client's email server and the ExchangeDefender network. All traffic is automatically encrypted using the same level of security that is used with online shopping, banking, etc.







Managed Web Encryption

ExchangeDefender web servers are encrypted using commercial SSL certificates. Client configuration, email review, message retrieval and all services provided through ExchangeDefender websites are automatically encrypted and cannot be accessed through a plain-text process that bypasses encryption.






Data Encryption

ExchangeDefender web servers, email servers, and routing hubs secure all client data through multiple layers of security including:

Complex account and login restrictions

Remote access restricted to ExchangeDefender NOC IP address space

All remote access sessions are recorded and authenticated

Administrators do not have access to client message data or configuration information


Pattern Matching, Processing Order, & Delivery Routing

ExchangeDefender Corporate Encryption message scanning is implemented in the following order:

[01] Check email subject for on demand encryption keywords [ENCRYPT] or [CLEARENCRYPT]

[02] Check for keywords or strings

[03] Check for text & number patterns (account numbers, date of birth)

[04] Check for Social Security Number patterns

[05] Check for Credit Card numbers

To improve processing performance and reduce delivery delays, each message is scanned for potentially sensitive information, ExchangeDefender will encrypt the message using the first pattern it encounters. If no sensitive information is found in the email, the routing and delivery take place.
If sensitive information is found in the message, the system can take multiple actions as defined initially by the client and the Service Provider.
Deliver Encrypted Message

Message will be stored on the ExchangeDefender network and the recipient will be notified via email that they have received an encrypted message. The recipient will be provided a secure link to access the ExchangeDefender system, enroll in the service or login to retrieve the message.

Deliver Clear Encrypted Message

Message will be stored on the ExchangeDefender network and the recipient will be notified via email that they have received an encrypted message. The recipient will be provided a secure link to access the ExchangeDefender system which will present the message.

Alert Administrator

Message will be stored on the ExchangeDefender network and the administrator will be notified via email that a message containing sensitive information has been intercepted. The administrator will be provided a secure link to access the ExchangeDefender system where they can review the message, destroy the message, send the message as plain text, return the message to the sender, or deliver the message as Encrypted or ClearEncrypted.

Recipient Experience

ExchangeDefender Corporate Encryption provides two types of reciepient experiences that can be controlled by the client as business requirements dictate.



Encryption provides for the best level of message protection because it established authentication on top of encryption and cannot be bypassed by the administrator or man-in-the-middle attacks. When a recipient receives the first encrypted message from ExchangeDefender they are prompted to enroll in the service and provide their name, address, password, and PIN. While the recipient can always retrieve their password reminder, their 4-digit PIN can never be reset. This assures that only the recipient can retrieve the message.



Encryption provides for the casual level of encryption that technically never transfers message contents via plain text. The recipient is not required to enroll, provide a password, PIN, or other information.