With SSL/TLS encryption technologies, mail sent to and from your domain, or any address locally hosted by 4SecureMail, always remain secure without the need for additional software or certificates. However once email leaves our servers to an outside address, it becomes like any other message. To keep it secure, we present SecureVault, an innovative new method for encrypting and delivering email securely over the internet, without the need for installing additional software, certificates or keys.
How does SecureVault work?
Using your 4SecureMail account, send out a message like you usually do. Instead of delivering the message, SecureVault encrypts it and holds it on our secure server. The recipient gets a notification in their inbox informing them that a secure encrypted message has been received, along with a link to view and securely reply to it. A login at our secure server is required to decrypt and view the message. If they decide to reply, the response is securely delivered back to your 4SecureMail inbox.
How do I use SecureVault?
By default, you can activate SecureVault on any outgoing message by including "encrypt:" or the shorthand form "::" in the subject header. Professional or Domain-Hosted Plans may request additional rules by contacting support, e.g. rules can be setup to always encrypt email to or from certain addresses.
How can I be ensure my messages are secure?
To ensure maximum security, it is recommended that you send new recipients an initial welcome or test message containing no secure information to allow them to setup their login, i.e. define a watermark & password, and to get familiar with the process. However once setup, they will be able to use the same password to retrieve any encrypted message delivered to them by SecureVault, no matter the sender.
What is the purpose of the password and watermark?
The password ensures that only the intended recipient can access the securely delivered messages. The watermark is included in SecureVault notifications and is an indication to the recipient that it is indeed from 4SecureMail and not forged by anyone else.
Are attachments supported?
Yes, attachments are encrypted and may be downloaded from our secure site. The recipient can include an attachment in their replies as well.
Can I request a return-receipt to ensure delivery?
Yes. Simply replace "encrypt:" with "encrypt;" or use the shorthand ";;", i.e. use a semicolon instead of the colon. Return-receipts also include the IP address of the person who viewed the message.
Are there any limitations?
Message headers, including the subject, are not encrypted and get delivered with the SecureVault notification. So be careful not to include sensitive information in the subject. Also, email held by SecureVault may be removed after 60 days. So we don't recommend using it as a long-term secure message or file store.
Can I see a demonstration of SecureVault?
Click here to request a secure encrypted message.
Is there any additional charge for SecureVault?
No. All 4SecureMail Plans, both Individual and Domain-Hosted Accounts, support SecureVault without additional charge.
What does SecureVault protect against?
After the first email exchange and the password for a user has been set, the the encryption will prevent someone spying on the message in the 'middle' between 4SecureMail and the receiving user.
What encryption technology does SecureVault use?
AES 256 CBC mode with MD5 hash.
Can I keep mail to outside recipients secure without SecureVault?
Yes, if you prefer not to use SecureVault, we recommend the following. Setup special mailboxes within your 4SecureMail account for any recipients you intend to send secure information. Provide the login information to them. Mailboxes can be configured to notify the recipient at their public address whenever mail is delivered to their secure mailbox. This is similar to SecureVault but requires more maintenance and requires you have available mailboxes & disk quota in your 4SecureMail Plan. SecureVault is seamless and gets around these limitations.
Order a secure email service plan now, or
Contact us if you have any additional questions about SecureVault.
|
