Protecting content and identities
Email security made by SEPPmail
Trust forms the foundation of any relationship. SEPPmail is committed to reliably protecting the content and sender identity in email communication and guaranteeing the confidentiality and authenticity of messages.
Today, countless companies rely on the email security solution made by SEPPmail – not least thanks to the central and comprehensive approach, as well as the convenient ease of use. SEPPmail handles key management – without any administrative work for the users – and automatically selects the most suitable encryption method for the recipient. SEPPmail supports the following processes to do so:
Highlights - Service in the basic license
Sending encrypted emails to recipients who don’t use encryption software and don’t have a key is a simple reality thanks to the GINA process that’s the only one of its kind in the world. GINA encrypts using the latest secure public key standards and doesn’t require any software to be installed – on the sender side or the recipient side. Recipients can receive encrypted emails using their usual email program and decrypt them by entering a password sent separately.
Domain encryption is a user-transparent, asymmetrical, automatic encryption process from one SEPPmail Gateway to another SEPPmail Gateway. This is how email traffic between two companies and business locations can be secured without any input on the part of either the sender or the recipient.
SEPPmail also provides a special form of domain encryption through the Managed Domain Service. The public keys for Secure Email Gateways that subscribe to the SEPPmail Managed Domain Service are published using a SEPPmail key server. As a result, each newly installed Secure Email Gateway automatically encrypts straight after connection to hundreds of thousands of email recipients.
OpenPGP is an asymmetrical encryption process for incoming and outgoing emails based on the RFC 4880 and RFC 3156 standards. The widely used public key process – Pretty Good Privacy (PGP) – was developed by Phil Zimmermann, an American. The public keys are loaded centrally on the gateway and encryption then transparently and automatically takes place in the background – without any user intervention.
S/MIME encryption is an asymmetrical encryption/signature process for incoming and outgoing emails based on the RFC 5751 standard. It is based on personal S/MIME certificates, the confidentiality and integrity of which are confirmed by public bodies (the certification authorities (CAs)).
The Secure Email Gateway from SEPPmail includes a dedicated public key infrastructure (PKI) for managing the S/MIME certificates. If they are issued by a certified CA, the certificates are automatically included in the PKI from the email signature. All emails to relevant individuals are then encrypted from this point onwards.
The SEPPmail Secure Email Gateway provides connectors to selected CAs. This facilitates automatic certificate generation for internal users.
In contrast to the encryption method outlined above, TLS encryption is not content-related; instead, it is “merely” transport encryption. This ends at the next addressed email server, which doesn’t necessarily have to be the recipient’s final email server. Against this backdrop, no end-to-end encryption can be guaranteed up to the target server based on the TLS process.