With SSL/TLS encryption technologies, mail sent to and from your domain, or any address locally hosted by 4SecureMail, always remain secure without the need for additional software or certificates. However once email leaves our servers to an outside address, it becomes like any other message. To keep it secure, we present SecureVault, an innovative new method for encrypting and delivering email securely over the internet, without the need for installing additional software, certificates or keys.
How secure is SecureVault, and what encryption technology does it use?
SecureVault uses industry-standard AES-256 encryption in CBC mode with MD5 hash. This is the same class of encryption that many financial institutions and government agencies around the world use to protect their data. When used properly, SecureVault also meets HIPAA and other regulatory guidlines for transmission of sensitive data to any email address.
How does SecureVault work?
SecureVault encrypts messages sent from your 4SecureMail account and holds them on our secure server. Instead of delivering them, a notification is sent to the recipient to inform them that a secure encrypted message has been received. By clicking the https web-link within the notification, the recipient can log into our secure server to decrypt, view and securely reply to your message. The reply is delivered securely into your 4SecureMail inbox retrievable through POP, IMAP or Webmail, all with SSL/TLS.
How do I activate encryption on outgoing messages?
You can activate SecureVault on outgoing messages in any mail app by including "encrypt:" or the shorthand form "::" anywhere within the subject header. Also, if using our new Webmail (Web 2.0) interface, you can send outgoing SecureVault messages by simply clicking the padlock in the upper left corner of the compose/reply window. Professional or Domain-Hosted Plan subscribers can request additional rules by contacting support, e.g. rules can be setup to always force encryption to or from certain addresses.
Is it required that I send recipients a SecureVault message before they can reply securely back to me?
To ensure maximum security, it is recommended that you send new recipients an initial welcome or test message containing no secure information to allow them to setup their login, i.e. define a watermark & password, and to get familiar with the process. Once setup, they will be able to use the same password to retrieve any encrypted message delivered to them by SecureVault, no matter the sender. However, at times people might need a way to securely send you a message without first receiving one by you, or they might have lost their past notifications, they expired, etc. You can direct senders to the below links to initiate a secure message to you, or any mailbox hosted on 4SecureMail:
In addition, domain subscribers can use these:
Can I use my existing Gmail, Yahoo, or other existing email account to send out encrypted SecureVault messages?
Unless you have a 4SecureMail account, you can only use SecureVault to respond securely to an address hosted by 4SecureMail, either through a SecureVault notification sent to you or by utilizing the link above. Only 4SecureMail accounts can initiate encrypted messages directly within their mail client. If you have your own domain, you can move your domain mail accounts over to 4SecureMail to gain full SecureVault functionality or use a sub-domain for this purpose, e.g. email@example.com. A domain transfer, i.e. registrar transfer, is not required and you can keep your website hosted where it is. A Domain-Hosted Plan is required to use your own domain or sub-domain with 4SecureMail, and our support team can assist in setting this up for you.
What is the purpose of the password and watermark?
The password ensures that only the intended recipient can access the securely delivered messages. The watermark is a phrase customized by the recipient to be printed on their incoming SecureVault notifications. This is a form of verificaton to the recipient that the notification is from 4SecureMail and not a "phishing" attempt forged by someone else.
Are attachments supported?
Yes, attachments are encrypted and may be downloaded from our secure site. The recipient can include an attachment in their replies as well.
Can I request a return-receipt to ensure delivery?
Yes. Simply replace "encrypt:" with "encrypt;" or use the shorthand ";;", i.e. use a semicolon instead of the colon. Return-receipts also include the IP address of the person who viewed the message.
Are there any limitations?
Message headers, including the subject, are not encrypted and get delivered with the SecureVault notification. So be careful not to include sensitive information in the subject. Also, email held by SecureVault may be removed after 60 days. So we don't recommend using it as a long-term secure message or file store.
Is it possible to customize the SecureVault notification message?
This is available for Domain-Hosted Plans only. Supply us with a company logo, and for an additional $2/mo we will replace the '4SecureMail' logo with yours in webmail and SecureVault, including in the notifications. It is possible to customize the notification template entirely to your liking, along with other customizations, such as the login screen. Contact support for a quote if interested.
Can I deter reception of non-secure messages by restricting my mailbox to secure messages only?
This is possible and is encouraged for anyone requiring secure messages only. For domain plans, this can be done by changing the user Access Type to 'secure_only' within the domain admin interface. For all other plans, please contact support to request the change. Once setup, incoming non-secure messages will be bounced with a link to the SecureVault interface.
Can I see a demonstration of SecureVault?
Click here to request a secure encrypted message.
Is there any additional charge for SecureVault?
No. All 4SecureMail Plans, both Individual and Domain-Hosted Accounts, support SecureVault without additional charge.
What does SecureVault protect against?
After the first email exchange and the password for a user has been set, the encryption will prevent someone spying on the message in the 'middle' between 4SecureMail and the receiving user.
Can I keep mail to outside recipients secure without SecureVault?
Yes, if you prefer not to use SecureVault, we recommend the following. Setup special mailboxes within your 4SecureMail account for any recipients you intend to send secure information. Provide the login information to them. Our mailboxes can be configured to notify the recipient at their public address whenever mail is delivered to their secure mailbox. This is similar to SecureVault but requires more maintenance and requires you have available mailboxes & disk quota in your 4SecureMail Plan. SecureVault is seamless and gets around these limitations.
|Compare Service Plans|
|How It Works|
|About Spam Blocking|
|Domain Email Hosting|
|Take A Tour|