Solutions
Home
About Us
Solutions
Support
Training
become a channel partner
Contact Us Help Desk
 

Solutions

Email Encryption

Why You Should Encrypt Your Email?

Most email is sent as plain text. This means that anyone who can intercept email messages, either in transit or at rest, can read the content. Today, companies and governments realize that this is unacceptable. Email needs to be confidential, email needs to be encrypted.

Solutions Infinity Pvt. Ltd. offers you a Linux Based product that help to automatically secure email and protect against unauthorized access of email in transit and at rest.

Email Encryption Gateway

is a standards based centrally managed email server (MTA) that encrypts and decrypts your incoming and outgoing email at the gateway level. Solutions Infinity Pvt. Ltd. Email Encryption Gateway is compatible with any existing email infrastructure like Microsoft Exchange and Lotus Notes and has support for S/MIME and PDF encryption.

Our flagship product is the Solutions Infinity Pvt. Ltd.'s Email Encryption Gateway. This product can be integrated with your existing email infrastructure, or it can be used as a stand-alone email server.

Email Encryption Gateway currently supports two encryption standards: S/MIME and PDF encrypted email. S/MIME provides authentication, message integrity and non-repudiation (using X.509 certificates) and protection against message interception. S/MIME uses public key encryption (PKI) for encryption and signing. PDF encryption can be used as a lightweight alternative to S/MIME encryption. PDF allows you to decrypt and read encrypted PDF documents. PDF documents can even contain attachments embedded within the encrypted PDF. The password for the PDF can be manually set per recipient or a password can be randomly generated. The generated password can then be automatically delivered to the recipient via an SMS Text message or, the password can be sent back to the sender of the message.

Email Encryption Gateway has a built-in CA which can be used to issue X.509 certificates for internal and external users. The external users can use the certificates with any S/MIME capable email client like Outlook, Outlook express, Lotus Notes, Thunderbird, Gmail etc.

The built-in Data Leak Prevention (DLP) module can be used to prevent certain information to leave the organization via email.

Data Loss Prevention (DLP)

is a module that can be used to prevent certain information to leave the organization via email. DLP can configured to filter on credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information in one email message, and more. DLP is implemented as a filter on outgoing email.

Data Leak Prevention (DLP) is a feature that prevents certain information to leave the organization via email. What information this is, is defined in the configuration of the DLP system. Typically, it includes credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information in one email message, etc. DLP is implemented as a filter on outgoing email. DLP can be a separate system or product, or it can be integrated with another email related product or system. DJIGZO has integrated DLP with our Email Encryption Gateway.

DLP can monitor email at various levels:

email body content

email headers

email attachments of various types

nested attachments of various types

DLP currently filters email bodies, attachments and nested attachments of type text, html, xml and other text-based formats. Filtering attachments of type pdf, doc, xls etc. will be part of a future offering which will be coming soon.

Configuring DLP is done via the Web GUI. You can specify keywords and sentences that outgoing email messages should not contain. More elaborate filtering is achieved via regular expressions, a specification format that allows you to specify virtually any combination of characters, words or sentences that should be filtered.

DLP can be configured on three levels, similar to how encryption is configured: at gateway level, at domain level and at individual user level. The latter is useful in specific cases where some users can send out information via email that other users cannot.

Some predefined sample patterns are shown below for your reference.

DLP Patterns

Title IBAN
Description Matches all ISO 13616-compliant International Bank Account Numbers (IBAN) formats.
Matches NL91 ABNA 0417 1643 00 | NL91ABNA0417164300 | NL 9 1 A B N A 0 4 1 7 1 6 4 3 0 0
Non-matches NL91-ABNA-0417-1643-00 | N L91ABNA0417164300
Note This patterns contains the group IBAN with all the IBAN matchers for all supported countries.

Title Email
Description Matches if there are more than threshold email addresses.
Matches test@example.com | "te+st"@example.com
Non-matches example.com
Note Quarantines the message if more than 20 email addresses are detected.

Title Credit card numbers
Description Matches credit card numbers.
Matches 5498586296025840 | 5498-5862-9602-5840
Non-matches 5-4-9-8-5-8-6-2-9-6-0-2-5-8-4-0
Note The following credit cards are supported: Via, Mastercard, American Express, Discover, Dinersclub and JCB

Title Social Security Number (SSN)
Description Matches a Social Security Number (SSN) in in NNN-NN-NNNN and NNNNNNNNN format.
Matches 666-12-3456 | 666123456
Non-matches 666/12/3456
Note Because a SSN is a nine-digit number without structure, false positives are likely to occur

Top