Secured email Enterprise eprivacy Suite



Similar documents
Tumbleweed MailGate Secure Messenger

Security Solutions

Implementing Transparent Security for Desktop Encryption Users

1 Product. Open Text is the leading fax server vendor in the world. *

NETWRIX EVENT LOG MANAGER

Securing Data on Portable Media.

CIPHERMAIL ENCRYPTION. CipherMail white paper

DJIGZO ENCRYPTION. Djigzo white paper

White paper. Why Encrypt? Securing without compromising communications

How To Understand The Architecture Of An Ulteo Virtual Desktop Server Farm

redcoal SMS for MS Outlook and Lotus Notes

Cisco TelePresence Manager

SurfControl Filter for SMTP

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

RSA SecurID Two-factor Authentication

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

How To Achieve Pca Compliance With Redhat Enterprise Linux

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

RSS Cloud Solution COMMON QUESTIONS

Netwrix Auditor for Exchange

8 Critical Requirements for Secure, Mobile File Transfer and Collaboration

SecureAge SecureDs Data Breach Prevention Solution

Comparison Paper Argent vs. Nimsoft

PineApp TM Mail Encryption Solution TM

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

efolder White Paper: HIPAA Compliance

QRadar SIEM 6.3 Datasheet

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

Technical White Paper BlackBerry Enterprise Server

Netwrix Auditor for SQL Server

Fileweave. Large File Transfer. Seamless Microsoft Outlook add-in. Simple drag and drop functionality

White Paper Instant Messaging (IM) HIPAA Compliance

Djigzo encryption. Djigzo white paper

1. Installation Overview

SECUR IN MIRTH CONNECT. Best Practices and Vulnerabilities of Mirth Connect. Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

Policy Based Encryption Z. Administrator Guide

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Cryptzone Group AB (publ) The Simple Encryption Platform An Overview. Created 2011 For technical questions

Secure User Guide

MassTransit vs. FTP Comparison

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Professional Integrated SSL-VPN Appliance for Small and Medium-sized businesses

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology

INSTANT MESSAGING SECURITY

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features

A New Standard in Encrypted . A discussion on push, pull and transparent delivery

White Paper. BD Assurity Linc Software Security. Overview

Trend Micro Encryption (TMEE) Delivering Secure . Veli-Pekka Kusmin Pre-Sales Engineer

Windows 7, Enterprise Desktop Support Technician

The GlobalCerts TM Secur Gateway TM

Vs Encryption Suites

NETWRIX EVENT LOG MANAGER

MCSE SYLLABUS. Exam : Managing and Maintaining a Microsoft Windows Server 2003:

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

ISI Unified Communications Intelligence Tools: Infortel Select and Microsoft Lync : Driving ROI From Your Lync Investment

Robust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been

Veritas Enterprise Vault for Microsoft Exchange Server

Using Entrust certificates with Microsoft Office and Windows

MN-700 Base Station Configuration Guide

Where is your Corporate Data Going? 5 tips for selecting an enterprise-grade file sharing solution.

2007 Microsoft Office System Document Encryption

Proven LANDesk Solutions

TOP SECRETS OF CLOUD SECURITY

Storage Guardian Remote Backup Restore and Archive Services

EmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions

Symantec Enterprise Vault for Microsoft Exchange

Did you know your security solution can help with PCI compliance too?

"Charting the Course to Your Success!" MOC D Windows 7 Enterprise Desktop Support Technician Course Summary

Next Gen Firewall and UTM Buyers Guide

VMware Horizon FLEX 1.5 WHITE PAPER

GlobalSign Enterprise Solutions

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

eprism Security Appliance 6.0 Release Notes What's New in 6.0

BlackBerry Enterprise Solution

MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST

Top 7 Tips for Better Business Continuity

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

This chapter describes how to set up and manage VPN service in Mac OS X Server.

DriveLock and Windows 7

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual

Policy Management: The Avenda Approach To An Essential Network Service

Whether your organization is small, medium or large, OpenText RightFax meets these

ORACLE DATABASE 10G ENTERPRISE EDITION

DriveLock and Windows 8

MCSA Objectives. Exam : TS:Exchange Server 2007, Configuring

ipecs UCS Unified Communications Solution Easy to access and activate Highlights Single server solution

CallRail Healthcare Marketing. HIPAA and HITECH Compliance for Covered Entities using Call Analytics Software

Websense Data Security Suite and Cyber-Ark Inter-Business Vault. The Power of Integration

Symantec Enterprise Vault for Microsoft Exchange

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services

Transcription:

EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT Secured email Enterprise eprivacy Suite JANUARY 2007 www.westcoastlabs.org

2 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT CONTENTS Secured email Enterprise eprivacy Suite Secured email Headquarters, Drakegatan 7, 41250 Gothenburg, Sweden Tel: +46 31 773 86 00 Fax: +46 31 773 86 01 Secured email Incorporated, 565 Carriage Drive NE, Atlanta, Georgia 30328 Tel: +1 (212) 319 8300 Fax: +1 (212) 202 6205 securedemail.com Introduction...3 Test Objectives and Test Network...4 Email Security Test Methodology...5 Checkmark Certification for Email Security...6 The Product...7 Test Report...8 Test Results...10 West Coast Labs Conclusion...11 Security Features Buyers Guide...12 West Coast Labs, William Knox House, Britannic Way, Llandarcy, Swansea, SA10 6EL, UK. Tel : +44 1792 324000, Fax : +44 1792 324001. www.westcoastlabs.org

EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT 3 INTRODUCTION With email usage at an all-time high, and an increasing need to comply with the myriad of industry and government regulations, organizations are facing a series of significant email security challenges. Legislation frequently requires that any breach of data privacy, including any email-based breach, be publicly disclosed. Previous disclosures by organizations have resulted in a subsequent loss of corporate reputation, combined with litigation aimed at both the company and individuals, as well as regulatory penalties and fines. However, recent statutes and regulations including Sarbanes-Oxley, HIPAA, GLB, and the Data Protection Act (UK) are not the only drivers that companies should take into account when considering adopting email security technologies and practices. The need to communicate securely, while protecting sensitive or confidential business data is also a concern in its own right. Organizations increasingly need to both protect and ensure the integrity of their intellectual property, the financial and personal data relating to both customers and employees, and their own internal and private communications in general. While different approaches exist, the central and essential features in any best-of-breed solution should certainly include the ability to robustly encrypt and decrypt not only the text of an email but also its entire contents, or the ability to send and receive email via an equally secure mechanism. With these features in mind, this technology report evaluates each solution under test to ensure that any email message can be sent and received in an end-to-end encrypted state, then decrypted and read in plain text by the intended recipient. West Coast Labs have carefully designed all tests to match real-world conditions and scenarios as closely as possible, ensuring that all results are not only meaningful but are also technically relevant to potential buyers. To summarize the methodology, numerous network traffic analyzers were configured to capture all relevant email activity on the test network. Any appropriate client software was installed on the test machines and any necessary key exchanges performed between users of email accounts set up on those machines. West Coast Labs then produced a number of different emails, which were then sent both to internal LAN based recipients and to external internet based recipients. All emails were sent in both unencrypted and encrypted forms. The two sets of unencrypted and encrypted data were then compared by examining the output from the network traffic analyzers to ensure that encryption had taken place and that there were no obvious data patterns present. Having confidence in the encryption and decryption abilities of an email security solution is essential, yet it is only one consideration when making a purchasing decision. Typically, ease-of-use and deployment, the methods of encryption, the methods and related security of any key exchanges, appropriate reporting and auditing features, and the general administration tasks all play an important part in the decision making process.

4 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT TEST OBJECTIVES & TEST NETWORK West Coast Labs defined and configured a real-world enterprise-class network environment in order to perform a series of rigorous validation tests that assess the following core objectives: Test the ability of each product to encrypt / decrypt potentially sensitive email-based data. Evaluate the features, high-level protocols and general functionality of each product - from both enduser and administrator perspectives. Capture metric based data to assess general ease-of-use and product installation complexity, emphasising the positive points of each product - from both end-user and administrator perspectives. The test network was deployed as appropriate to the configuration requirements of each product. Network applications may include - but were not be limited to - the following components: RAID-enabled Server (with an appropriate operating system installed, for example, a Windows server, or a UNIX / Linux based distribution). DHCP server. DNS server. IIS/NNTP/IAS server. Exchange Server 2000 / 2003. Lotus Domino Server. Microsoft Outlook Email Client. Lotus Notes Email Client. Cisco Router / Firewall (configured as an Internet gateway).

EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT 5 EMAIL SECURITY TEST METHODOLOGY INDEPENDENT SECURITY TESTS / ENCRYPTION VALIDATION The following methodology was used to test that email messages can be successfully encrypted by the sender and successfully decrypted by the recipient: A network traffic analyser was configured with the appropriate capture filter set to record all relevant email activity within the test network. A set number of different email messages were created, containing a pre-defined number of words and characters in both the subject line and the message body. An internal LAN-based recipient and an external Internet / WAN-based recipient was chosen at random from available email addresses and issued with any appropriate client software and / or security keys. The previously defined email messages were sent unencrypted to the randomly chosen, internal LAN-based recipient and external Internet / WAN-based recipient, this was used as the comparison baseline. The previously defined email messages were sent encrypted to the randomly chosen, internal LANbased recipient and external Internet / WAN-based recipient. The two sets of unencrypted and encrypted data were compared by examining the text output from the network traffic analyser captures. In addition to the above test criteria, West Coast Labs will also evaluate the overall functionality of the solutions under test including ease of use, management and administration.

6 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT CHECKMARK CERTIFICATION Participating solutions will be eligible for the Checkmark Email Security certification, subject to the successful completion of the testing and satisfying the following specific functionality and performance criteria. Each and every time an end-user and / or administrator chooses to send an encrypted email, that email will be verified as being 100% encrypted and unreadable in plain text, Each and every time an end-user and / or administrator chooses to send an unencrypted email, that email will be verified as being 100% unencrypted and readable in plain text, When a solution makes use of keys, the ability will exist to more securely exchange such keys via a separate channel and will not be limited to an email key exchange, The solution will provide a centralized administration interface and appropriate reporting / auditing capabilities.

EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT 7 THE PRODUCT SECURED email ENTERPRISE EPRIVACY SUITE Secured email products are based on a concept new to the encryption world: the Simple Encryption Platform. SEP provides highest levels of security, along with ease of use, making the act of securing data while at rest, or in transit, a very simple process. www.securedemail.com SECURED email DESCRIBES THE PRODUCT'S BUSINESS BENEFITS AS Encryption is now in use throughout enterprises, securing business transactions across networks, maintaining the confidentiality of email communications or protecting client data stored on servers or desktops. Companies have been forced to piece together these encryption solutions, the majority of the time relying on different vendors for endpoint security, gateway email, disk encryption and file encryption. This method created issues with system disruptions, high overall cost and made it difficult and expensive to achieve the data security that companies required for regulatory compliance. Secured email has created an approach that offers operability, scalability and simple management of assets. SECURED email DESCRIBES THE PRODUCT'S TECHNICAL BENEFITS AS Companies can deploy the Secured email platform that allows them to integrate new encryption applications quickly and easily, profiting from the benefits of a unified management console and resulting in high ROI over time. A platform strategy allows additional Secured email products to leverage this common platform allowing deployment to be more cost-effective, thereby reducing operational costs and freeing IT resources to focus on additional projects.

8 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT TEST REPORT INTRODUCTION The Simple Encryption Platform (SEP) by Secured email is a unique set of modular, enterprise-grade software components. These components are designed to redefine, simplify, and reduce the cost of the more traditional PKI based approach that is commonly utilized within contemporary email encryption systems - whilst maintaining maximum security. SEP offers ease-of-use for both end-users and system administrators alike, with robust encryption, flexible deployment options, and a powerful policy engine all combining to successfully ensure that organizations meet or exceed compliance, regulatory, and corporate security demands. SEP actively supports compliance with a number of regulatory and legal initiatives, including SOX, GLBA, HIPAA, and the EU Data Protection Directive. DEPLOYMENT SEP is easily deployed within existing email infrastructure, being compatible with all major SMTP servers, as well as Lotus Notes and Microsoft Outlook email clients. A Java applet is also available, allowing end-users to securely receive a secured email using nothing more than a Java-enabled web browser. End-user training requirements are kept to a minimum, with organizations benefiting from a fresh and uncomplicated approach to secure key exchanges, user transparent encryption, centralized user and policy management, and a comprehensive help system. West Coast Labs quickly and easily deployed SEP within an existing network infrastructure, installing the Enterprise Server and Admin Tool components on a Microsoft Windows Server 2003 operating system, whilst using Microsoft SQL Server 2005 as one of the data stores. The SEP eprivacy client software was installed on a number of client machines running Microsoft Windows XP Professional and Microsoft Outlook 2003. The system may also be deployed on different hardware and software including some lower specification options such as the free SQL Server Express Edition. This makes the solution cost-effective to set-up in smaller business environments, or to use it in testing and evaluation networks. The ease of deployment of SEP means that the existing Microsoft skillsets of many system administrators can be used and any periods of training are kept to a minimum. SEP may also integrate with LDAP based directories, allowing any existing users and any associated data to be quickly and simply imported into the database of the solution. This feature is particularly useful in larger organizations where it can help to significantly reduce the time and complexity associated with company-wide deployments. SEP effectively becomes a slave data source and is continually synchronized with the master data source, allowing any changes to the master to take immediate effect in SEP.

EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT 9 TEST REPORT ADMINISTRATION Once SEP is installed, it proves to be a simple task to remotely manage users, policies, licensing, SQL database options, and secure user groups, using only the intuitive built-in Admin Tool. All system logs and audit trail data can also be viewed via the Admin Tool and the interface also has the ability to remotely push out organization-wide policies and updates. This may be to the entire user base, or depending on requirements, simply to a single user or secure group, where a group could conceivably be used to represent a single department within an organization. The functionality of Groups is particularly useful for allowing different levels of email security to be enforced for specific departments or sets of users depending upon requirements. For example, legal, HR, and finance departments may need tighter security controls than certain other departments within an organization as they are dealing with potentially sensitive company and employee data. The flexible nature of policy management and deployment within SEP combined with powerful rule options that are designed as risk reducing safeguards to help protect an organization's privacy and intellectual property. END-USER EXPERIENCE It is straightforward, fast, and intuitive to send and receive both encrypted and unencrypted emails from the standard Microsoft Outlook email client once the solution is installed. The key feature of SEP from an end-user perspective is certainly the inherent simplicity of use. To send and receive secure emails is as simple as writing an email and optionally attaching files, as normal, then clicking the 'Send Secured' button on the same screen. Upon first use for external emails, the user is prompted to create a Shared Secret - made up from random text, a phrase, or numbers - and then prompted to communicate that Shared Secret with the intended recipient, preferably via a separate offline method, such as telephone, fax, or SMS. The Shared Secret need only be communicated once between sender and recipient and from that point on, all email communications - between both sender and recipient - may be carried out over a secure channel, in an easy and controlled manner. These users are not required to communicate the Shared Secret again as the secure tunnel has been permanently initiated between these parties. It is also worth noting that in addition to the core functionality of email encryption, SEP also provides a convenient and simple mechanism for encrypting potentially sensitive data found in files and folders on hard drives or removable storage media, such as USB devices. This feature can be implemented either as a standalone application or in conjunction with a SEP enterprise server. As with the SEP email system, this functionality was designed to ensure that the complexities of the encryption process are fully transparent from an end-user perspective.

10 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT TEST RESULTS Throughout the comprehensive test process, West Coast Labs verified - via the use of network analyzers and capture tools, followed by rigorous manual analysis - that all email routed through SEP that required secure transport was one hundred percent encrypted and could only be successfully decrypted by the intended recipients. All secure emails were encrypted desktop-to-desktop - without the need for any third-party, expensive digital certificates - ensuring that potentially malicious eavesdroppers have no window of opportunity to intercept the email data in transit. All SEP encryption is carried out using the robust and industry proven AES256 algorithm. Checkmark certification has been awarded in the category of email security, based on SEP exceeding the demanding criterion required to pass the related tests and achieve the standard.

EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT 11 WEST COAST LABS CONCLUSION The Enterprise eprivacy Suite from Secured Email is a powerful, tried and tested solution that combines ease-of-use and cost effectiveness with proven, user-transparent encryption, to deliver a fresh approach to email security. With an effective central policy management engine, organizations can be confident that their compliance, regulatory, and corporate security needs will be met or exceeded. Having successfully completed all the required testing, West Coast labs can confirm that the Enterprise eprivacy Suite from Secured Email is certified to the appropriate Checkmark certification standard. www.check-mark.com EMAIL SECURITY West Coast Labs Disclaimer While West Coast Labs is dedicated to ensuring the highest standard of security product testing in the industry, it is not always possible within the scope of any given test to completely and exhaustively validate every variation of the security capabilities and/or functionality of any particular product tested and/or guarantee that any particular product tested is fit for any given purpose. Therefore, the test results published within any given report should not be taken and accepted in isolation. Potential customers interested in deploying any particular product tested by West Coast Labs are recommended to seek further confirmation that said product will meet their individual requirements, technical infrastructure and specific security considerations. All test results represent a snapshot of security capability at one point in time and are not a guarantee of future product effectiveness and security capability. When West Coast Labs provide test results for any particular product tested, said results are most relevant at the time of testing and within the context of the specific scope of testing and relative to the specific test hardware, software, equipment, infrastructure, configurations and tools utilized during that specific test process. West Coast Labs is unable to directly endorse or certify the overall worthiness and reliability of any particular product tested for any given situation or deployment.

12 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT SECURITY FEATURES BUYERS GUIDE NEW FEATURES IN VERSION 3 ENTERPRISE eprivacy SUITE AS STATED BY SECURED email Lotus Notes Email Client Application AD Import New GUI Server Synchronization Wrapmail Edit ef2 - data at rest encryption Enterprise online mode & offline mode One license system Search function in AD Easy license deployment Easy policy deployment Create client installer in Admin Tool Secured group management eusb

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information