Monday, 5 July 2010

ExchangeDefender – On The Fly Outbound E-mail Encryption

A neat new feature available to our clients and us that have our e-mail protected by ExchangeDefender is the ability to encrypt our outbound e-mail on the fly.

Not only do we have the ability to encrypt on the fly, but we also can specify certain e-mail domains to receive _only_ encrypted e-mail.

So, just how does the process work?

  1. Start a new e-mail in your e-mail client of choice.
  2. Set the subject line to: [Encrypt] My Subject Line
    • Note the inclusion of the square brackets around the word. They are needed for a successful e-mail encryption.
    • image
  3. Type up the e-mail and attach any needed support documentation.
  4. Send the e-mail.
  5. The receiver will see the following:
    • image
  6. The first time the receiver clicks on an ExchangeDefender encrypted e-mail link, they will need to enrol in the ExchangeDefender Encryption service using the following information:
    1. First Name
    2. Last Name
    3. Address lines
    4. City, State, ZIP
    5. Country
    6. The e-mail address associated with the recipient will already be populated.
    7. A password for their account will need to be set.
    8. A 4 digit PIN for password recovery purposes.
  7. Click the Enroll button once the information fields are filled out.
  8. A message indicating that the account was created and presents a log-in link.
    • image
  9. Once logged into the service, the recipient will be able to download any attachments, reply to the e-mail, and/or destroy the e-mail.
    • image

Note that when replying to the encrypted message a copy of the e-mail will not be sent to the recipient’s e-mail address. The reply received by me:


Destroying the original encrypted e-mail does just that. Only the sender will have a copy of the original in their Sent Items folder. For the most part, Outlook/e-mail client sorted outbound e-mail will be handled as normal.

Depending on the nature of the e-mail being sent, this service can be of great value for those that need to keep certain communications secured from prying eyes.

Since the source e-mail server transmits the e-mail directly to the ExchangeDefender servers, or it should be as per the ED Deployment Guide, the e-mail never leaves the confines of the source corporate network and destination ExchangeDefender network.

The decision to use the service for a one-off e-mail will ultimately reside with the sender. If the content is confidential to the point where the recipient’s time to fill out the form (less than a minute) is worth it, then they should definitely use the service!

For those that regularly send e-mail with sensitive information in them to the same recipient, the recipient will be able to log-in to the ExchangeDefender Encryption Services portal in seconds to gain access to any e-mail with [Encrypt] in the subject line.

Philip Elder
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

No comments: