The pandemic has ushered in a paradigm shift in how businesses communicate with their customers. As organizations in healthcare, finance, and other highly regulated industries rely more heavily on email communication, their employees continue to send sensitive data such as medical and financial information through email. This makes email privacy more important than ever, and there are several ways to implement it, but with varying levels of complexity.
The two primary ways to send a secure email are by encrypting the connection over which email is sent, or by encrypting the email itself.
Encrypting the connection is the simplest way to protect email privacy, and is accomplished using Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
However, businesses in highly regulated industries such as healthcare and finance often must take extra steps to protect against accidental exposure of personally identifiable information (PII) such as driver’s license numbers, medical records, and other healthcare or financial information. To meet these requirements, businesses may use PGP, S-MIME or various other methods to encrypt the email message.
How does Secure Messaging Work in SecurityGateway for Email
SecurityGateway’s Secure Messaging feature combines the rule-based configuration of most PGP encryption solutions with the simplicity of SSL and TLS.
When a user sends an email containing sensitive content, instead of sending it directly to the receiving mail server, SecurityGateway stores it on the secure email gateway server and the recipient reads it via a web browser over an encrypted connection using the Secure Messaging portal. The benefit of this method is that the emails are never at risk of interception by a hacker or other third party and the connection is not at risk of an SSL downgrade attack, which is an attack technique used by hackers to downgrade an encrypted connection to a plaintext connection.
How to Configure Secure Messaging in SecurityGateway for Email
SecurityGateway’s Secure Messaging service was designed to be easy to set up by administrators and easy to use by end users. Simply follow these three easy steps.
- The first step in implementing Secure Messaging in SecurityGateway is to enable it via Setup / Users | Secure Messaging | Configuration.
- The next step is to add secure message recipients, which are simply email addresses that have been authorized to receive secure messages. Both local and external secure message recipients are supported, and they can be added manually or automatically.
- The third step is to configure rules to determine which email messages must be sent securely over an encrypted connection. This can be done in three ways.
Secure Messaging Rule Creation - Method #1: Content Filter Rules
SecurityGateway administrators can define which messages are sent via Secure Messaging using content filter rules. This method provides a great deal of flexibility by allowing administrators to specify which types of content to look for in an email message, such as key words or phrases in the body or subject, a specific sender or recipient, or even a specific sending IP address. Under the Action drop-down menu, simply select “Send as a secure web message.”
Secure Messaging Rule Creation - Method #2: Data Leak Prevention (DLP) Rules
Data leak prevention rules provide another method for ensuring messages containing sensitive content are sent securely. SecurityGateway includes a variety of built-in data leak prevention rules that can be customized to suit your specific business needs, or you can create your own.
Secure Messaging Rule Creation - Method #3: Sieve Scripts
The third way to send secure messages in SecurityGateway is by using Sieve scripts. Sieve is an email filtering language that all of SecurityGateway’s mail routing processes are based on. Administrators can create their own Sieve scripts for greater control over mail flow.
Secure Message recipients can always reply to the original sender via the Secure Messaging portal. Administrators can also allow specific email addresses to compose new secure messages to local SecurityGateway users.
Secure Messaging was introduced in SecurityGateway 8.5. If you’re using an older version, you're missing out on some great new features! Visit our Downloads page to get started.