ExchangeDefender Encryption

Horizontal.

Summary

ExchangeDefender Encryption and ExchangeDefender Corporate Encryption are email encryption solutions designed to make sending secure email easy. ExchangeDefender Encryption is a secure, encrypted, webmail-driven interface that allows users from multiple organizations to exchange email securely with various degrees of privacy and security. With various industries establishing regulatory compliance requirements on how secure and personally identifiable information should be stored and transferred, ExchangeDefender offers an all-in-one encryption solution that is capable of scaling and fitting business security requirements without inconveniencing the user.

ExchangeDefender Encryption is very easy to use and requires no software installation or complicated / antiquated technology – “sending an encrypted email is as simple as putting [ENCRYPT] in the subject” and our system makes sure that nobody can intercept and read your message except the recipient.

ExchangeDefender Encryption Portal at gives users central access to all encryption emails, contacts, groups, as well as an audit log. From this secure site, accessible via desktop and mobile, you can manage your entire email encryption experience and get an even more powerful control over how your encrypted email is to be accessed. The login credentials or password reset link will be sent to you by your IT department and you can access all services here:

ExchangeDefender Encryption Portal
https://encryption.exchangedefender.com

If you are not an ExchangeDefender Pro subscriber, your IT department needs to obtain a subscription for you. There is no cost or licensing required for your recipients, and there is no software to download or install to access messages. Everything simply works through any modern web browser.

ExchangeDefender Encryption - Dashboard

Horizontal.

Navigation through the ExchangeDefender User Interface (UI) is simple with a tool bar across the top management sections/links on the left. The rest of the UI contains the main area where you manage your Inbox, send emails, setup groups and contacts, audit activity, and manage your settings. Almost all pages will also have a tabbed interface for additional settings, ability to export the current view into a csv/pdf/Excel, and search/paging functions where available.

ExchangeDefender Encryption Dashboard features navigation, recent emails you have worked on, and recent activity on your account. The purpose of the dashboard design is to get you back to your work right away, and to highlight recent activity to help you identify anything suspicious and how your encrypted messages have been received.

Horizontal. Each page also features a navigational “shortcut” that allows you to hop back and forth across many ExchangeDefender services without authenticating again. This single sign-on service currently supports Admin Portal, LiveArchive, Web File Server, and Encryption Portal.

Just tap, click on the service you want, and you will be transported to the dashboard of that service.

ExchangeDefender Encryption - Inbox

Horizontal.

ExchangeDefender Encryption Inbox gives you an overview of all your encryption messages, their status, and gives you the ability to send new messages. Click on + Compose to start sending a new encrypted message.

Inbox also shows you how the message sender categorized the message when they sent it, as either [ENCRYPT] or [CLEARENCRYPT]. The difference between the two is the level of security and authentication – ENCRYPT messages require authentication (with a PIN/password) and make it extremely difficult to compromise by internal IT, hacked devices, etc because PIN/password would only be known to the end user.

New and unread messages are highlighted with a blue background, while read messages have a white background.

ExchangeDefender Encryption - New Message

Horizontal.

ExchangeDefender Encryption can be triggered from any email client or webmail solution just by putting [ENCRYPT] or [CLEARENCRYPT] in the subject. ExchangeDefender Encryption Portal gives you far more flexibility and customization when it comes to sending encrypted messages, as well as a far more efficient and productive experience. If you frequently send messages to same recipients, or groups of recipients, being able to manage them in the same place will save you a lot of time.

New message screen allows you to send the message to groups or contacts that are already defined and saved in the portal, or you can simply type in the recipient’s email address. From there just pick the encryption type you wish to use, set the subject and type in your message. You can even upload multiple attachments, contents of which will be encrypted and which never leave the encryption web site.

ExchangeDefender Encryption – Additional Configuration Parameters

Horizontal.

ExchangeDefender Encryption provides additional management options for each message:

  • Notify me when the recipient reads this message – If you check this box you will receive an email notification that the message has been received and read by your recipient.
  • Destroy this message after it’s been read – If you check this box, your message will be destroyed and deleted from our systems after the client has read it. This is useful if you have sensitive information you don’t want forwarded, shared, printed, or otherwise accessible beyond the first glance.
  • Email me a copy of this message – If you check this box, ExchangeDefender will create a copy of the message and deliver it to your Inbox.
  • Automatically destroy this message after # days – If you check this box, ExchangeDefender will automatically delete the message after a certain number of days. This is a regulatory requirement for many organizations that have data destruction policies in place for IT resources not under their control.
  • Password protect this message – If you check this box, your client will need a password in addition to any other credentials required to access this message. This feature is great if you know that your client has questionable security practices and you don’t want others who share their Inbox to be able to see the contents.
  • Password sharing – If you choose to password protect the message you can either send the password to the recipient in a separate email (automatically, done by ExchangeDefender), or you can give them the password over phone/txt/etc medium you consider more secure and personal.

To [ENCRYPT] or to [CLEARENCRYPT]?

The answer to this is largely driven by your organization and regulatory requirements. There is also the real world where business communication and getting things done are sometimes more important than corporate restrictions. This is simply an opinion based on our experience with millions of users that have relied on ExchangeDefender Corporate Encryption.

When you send a message with [CLEARENCRYPT] your recipient will get a link in their email. When they click on it, they will see the message – that’s it. It’s very convenient and fast, but if someone else has access to their mail server, mailbox, device, etc they can just as easily open the message.

By comparison [ENCRYPT] requires the user to enroll in ExchangeDefender Encryption and provide their contact information, select a password, PIN, etc. It is an extra step, and we designed it to eliminate any possibility of the message getting into wrong hands.

In the real world, your recipient may work for an organization that prohibits them from putting any private or personally identifiable information on the web. If that is the case, they will not be able to enroll in the ExchangeDefender Encryption to receive the message. Unfortunately, that is often the case with the largest corporations in the world.

If you’re in doubt, simply ask the recipient. Neither of you should be compelled to compromise your security, but if you communicate well ExchangeDefender can help you protect both organizations and the confidential information that should remain secret.

ExchangeDefender has a compromise that requires a few extra steps. For an organization that mandates its employees never put in personally identifiable information on the web, you can use [CLEARENCRYPT] which will not require them to setup a username, password, or PIN to access your message. When you send the message simply click on +Additional configuration parameters , check all the boxes on the left, and protect the message with the password. Then contact the recipient and give them the password over phone/txt or whichever medium you consider secure. It is statistically unlikely that anyone attempting to hack them or you has access to emails, phones, text messages, and other information in real-time – and even if they do, the message is destroyed the second the recipient clicks on the link and provides the password.

ExchangeDefender Encryption - Contacts

Horizontal.

ExchangeDefender Encryption makes it easy to be more productive by saving contacts you often send messages to. If you would like to import or create your contacts ahead of time so you don’t have to copy and paste or remember their email address, click on the contacts tab.

Click on +Create New Contact and just provide the name and email address. It’s that simple.

Horizontal.

ExchangeDefender Encryption - Groups

ExchangeDefender Encryption also supports groups so you don’t have to sit and type in email addresses of your recipients every time you send an encrypted message to multiple users.

Horizontal.

You can add contacts to a group by clicking on +Create New Group and providing information about your contacts.

Horizontal.

At any time, you can also click on the + icon next to the group name to +Add more members or click on the red X button next to the contacts you wish to remove from the group.

ExchangeDefender Encryption – Activity Audit Log

Horizontal.

ExchangeDefender cares about your privacy and security. Every single action related to encryption is listed here and it can give you an idea of what was done even after the messages are gone.

This screen is important for compliance and auditing purposes, and can be provided to your Compliance Officer (CO) if there is ever a question about who sent the message, when it was received, by whom, and which IP address they were using.

ExchangeDefender recommends reviewing the activity log periodically for security purposes.

ExchangeDefender Encryption – Recipient Experience

Horizontal.

When you send an encrypted message to the recipient, your message is automatically encrypted and kept on ExchangeDefender’s secure platform. The message never goes across plain text, nor are message contents transferred to the recipient’s mailbox in any way. They simply get the message above telling them that an encrypted message is waiting for them.

To access, view, and respond all the recipient has to do is click on View Message on any device with a modern web browser and they will be taken to the message.

Horizontal.

If you used the [ENCRYPT] option to send the message, the recipient will need to enroll in the ExchangeDefender service and provide the following information. This information is required for legal and security purposes. Once the user has identified themselves and set their password and four-digit PIN the account is officially enrolled and locked down with personally identifiable information no other individual or organization is aware of. These credentials are used to further encrypt and secure the message transfer. They are also used to eliminate the possibility of a man-in-the-middle attack, to keep out the IT department rogue personnel that may be reading emails without authorization, or anyone that has access to recipients’ email.

After they complete the process they will be taken to the message.

If the message was password protected, they will see the following screen:

Horizontal.

When they provide the password, the message is displayed:

Horizontal.

Recipient can then respond to the message, configure their own encryption settings, access attachments or otherwise act on the message as they wish.

ExchangeDefender Encryption – Message Receipt

Horizontal.

If you chose to receive a notice when the recipient has received your message, ExchangeDefender Encryption will send you an email when the recipient reads the message.

Note: This message is generated when the recipient actually looks at the message. This means that they actually clicked, authenticated, and saw the message on their screen. This is an automated process.

ExchangeDefender Encryption – Resetting Recipients Account

Horizontal.

ExchangeDefender Self Service Portal can be used to reset the account belonging to an ExchangeDefender Encryption Recipient. If you infrequently send [ENCRYPT] messages to certain recipients, they may have forgotten their password or PIN. It happens to all of us sometimes. You can access this site here:

ExchangeDefender Self Service Portal
https://www.ExchangeDefender.com/ss

Unfortunately, the security requirements and regulatory requirements prohibit us from making password reset processes you’re used to, and the recipients’ email is used in the encryption process as well to keep ExchangeDefender personnel from being able to decode the message. But if your recipient forgot their password, you can’t send them the message. In that scenario, you can simply reset their account.

Note: Resetting the account simply removes it from our databases, along with any messages waiting for them. The system will check if you’ve sent them encrypted messages and if there is a record of it, you can reset their account on their behalf.

Horizontal.