Hosted Exchange FAQ and Troubleshooting

Return to FAQ Main

Email Encryption Frequently Asked Questions

Q: Is Email Encryption compatible with all versions of Exchange?
A: Email Encryption is compatible with Exchange 2007.

Q: Do I have to enable every Exchange user with Encryption?
A: No. After enabling the service you can choose to enable individual users.

Q: Does encryption work on a mobile device?
A: Yes, emails encryption is server-side. Therefore emails can be encrypted from mobile devices, Outlook Web Access, and all email clients that are compatible with Exchange 2007.

Q: How do I enable users with email encryption?
A: To enable email encryption in the control panel:

• Click on the Email Encryption tab on the menu (hosted exchange must be enabled to view this tab).
  
• Click 'Enable Encryption'.
  
• You may now use the interface to provision users with email encryption. You will need to activate 'Send Securely' encryption before adding any content scanning policies.
  
• Select 'save changes'. The welcome email is optional, but recommended.

Q: How do I send an encrypted message?
A: To send an encrypted message:

• First, ensure your account is enabled for encryption. You can do this by viewing the 'Email Encryption' tab.
  
• Create a new message using the hosted exchange service.
  
• Start the Subject line with '[encrypt]' (without quotes) plus whatever your normal subject line would be. If you're using the outlook plug-in you can skip this step.
  
• Type your message, include any attachments, and send. If you're using the outlook plug-in, you can simply click the 'send securely' button. This will have the same effect as typing [encrypt] into the subject line.

Q: How does the recipient view the message?
A: To view the encrypted message:

• The recipient will receive a message with an attachment.
  
• Open the attachment which will direct to a website.
  
• The first time logging in, the recipient will be asked to create a password.
  
• Once logged into the message, the recipient will have the ability to read, reply to, or forward the encrypted message.
  
• Any messages sent from the web portal (replied or forwarded) will be delivered as encrypted emails.
  
• Forwarded messages can only be sent to the recipient's domain.

Q: Can I set rules to automatically encrypt messages based on key words?
A: To automatically encrypt emails based on content, you can add any of our content scanning policies. When activated through the control panel, these policies will look for dictionary terms included in the email. If a dictionary terms is found, the message will be automatically encrypted. The automatic content scanning policies help companies to comply with laws and regulations.
Content scanning policies:

• HIPAA - Protects health information. This policy looks for SSN # along with any HIPAA or ICD-9 related Dictionary Term and automatically encrypts the message.
  
• Social Security # - Protects Social Security numbers. This policy looksfor Social Security number within 20 characters of a SSN dictionary term. For example, SSN=xxx-xx-xxxx.
  
• PCI - Protects credit card information. This policy looks for a credit card number within 20 characters of a term from the credit card dictionary and automatically encrypts the message.
  
• GLBA - Protects ABA Routing Information. This policy looks for ABA Routing or CUSIP numbers within 20 characters of a dictionary term and automatically encrypts the message.

Q: What recipient options are available when reading/replying to a message?
A: Three options - all based on policy:

• Reply: reply back to sender of the encrypted message or initiate message to an internal user.
  
• Reply All: reply back to all recipients and sender of the encrypted message.
  
• Forward: For security reasons, encrypted messages can only be forwarded to mailboxes either on the sender's or recipient's domain.

Q: Can I modify the content dictionaries?
A: The encryption policies are monitored and maintained by proofpoint.

Q: When the service is enabled, is all outbound mail routed through Proofpoint?
A: Yes. Encryption uses the Outbound Relay service to send all outbound mail to Proofpoint's servers for content scanning. If you would like to enable encryption, but are currently using a service that requires Outbound Relay, you will need to disable Outbound Relay before enabling encryption.

Q: Can I encrypt email sent to internal users?
A: Proofpoint encrypts email at the SMTP gateway; therefore messages sent internally are not available for encryption. However, if the email is sent to an internal recipient AND an external

<<Back

FAQ Home

Next >>