M86 MailMarshal SendSecure

 

Secure Delivery of Email to Anyone

Sending email messages securely is more important than ever before. Email has become an ubiquitous method of transferring sensitive material, such as trade secrets, medical records, and financial data. However, most of the time, these emails are transmitted to their recipients in plaintext, making it trivial for an attacker to intercept and compromise your data.

Traditional email encryption products use standards like S/MIME or OpenPGP apply high-security encryption algorithms to messages, preventing attackers from reading the messages. However, these encryption methods can be difficult to implement and maintain. In order to send an encrypted message using a traditional email encryption standard, you must first exchange credentials with your intended recipient. Furthermore, both parties need to have special software installed and configured in order to send and receive encrypted messages. These two weaknesses have sometimes been a barrier for deployment in some organizations.

The MailMarshal SendSecure email security tool solves this problem by hosting sensitive email messages on a secure Web portal, thus allowing your employees to send secure messages to any email recipient in the world, without requiring the exchange of any keys or certificates. With this email security solution, email recipients do not require any special software to receive these messages — just an Internet connection and a Web browser.

MailMarshal SendSecure Service Diagram

Features

  • Ability to send secure messages to any recipient in the world, without special software or pre-requisites
  • Encrypted read, compose and reply capabilities for all message recipients enabling secure two-way communication
  • Automatic generation of notifications and invitations
  • Support for Blackberry® and Windows Mobile® devices
  • Compatible with MailMarshal Secure Email Server or similar products
  • Custom password policies tailored to your organization’s requirements
  • Customized branding of message portal to conform to corporate guidelines

 

Benefits

  • No software to install and maintain, hosted service delivery "in the cloud"
  • Encryption is automatic and transparent to the sender; no user training required
  • Reliable and cost effective

 

How it Works

MailMarshal SendSecure is a hosted secure messaging service that works in conjunction with MailMarshal SMTP. Based on policies you control, MailMarshal SMTP is used to scan messages for sensitive content and route messages to the MailMarshal SendSecure servers in the cloud. An encrypted TLS tunnel is used to communicate between MailMarshal SMTP and MailMarshal SendSecure. Once a message is received by SendSecure, it will be either be delivered to the receipient via a Web portal or delivered directly, depending on who the recipient is.

MailMarshal SendSecure Service Diagram

The diagram above shows how MailMarshal SendSecure operates.

 

Step-by-Step

  1. Confidential Email – An authorized user within your organization sends a confidential email to any email address.
  2. MailMarshal SMTP – MailMarshal SMTP evaluates the message and automatically determines that based on your encryption policy must be transmitted securely. It routes the message to the MailMarshal SendSecure servers in the cloud for secure transmission. MailMarshal SMTP can evaluate messages for sensitive content using standard rules. For example, a message might need to be secured if:
    • it is sent to to specific recipients
    • it contains specific documents
    • it contains content such as Social Security numbers, medical records, or financial data
  3. MailMarshal SendSecure – The confidential email is accepted by MailMarshal SendSecure, which then decides how it will be delivered to its recipient. If the recipient is not known, it will be delivered via the SendSecure Web Portal. If the recipient is known, it will be directly delivered to the recipient’s email server.
  4. Delivery by Web Portal – MailMarshal SendSecure will send a plaintext notification message to the end user, informing them that someone at your organization has sent them a secure message. The notification contains a link which the customer may click on, which brings them to the SendSecure Web Portal. HTTPS is used when accessing the Web Portal, so the content of the message remains private. If the recipient has not received a secure message before, they must create an account, which requires them to register via a web form. Once they have a username and password, the recipient uses his credentials to log into the portal, where the secure message is displayed.
  5. Direct Delivery – If the user is also a MailMarshal SendSecure customer, messages will be directly delivered from the SendSecure service to the recipient’s MailMarshal SMTP installation using TLS, thus guaranteeing the email’s privacy. The end recipient is not required to take any special action, and will recieve the message in their inbox as a normal message.