Open-Xchange Guard Major Release v2.0.0. Feature Overview V1.4



Similar documents
OX Guard Product Guide v1.0 V1.0

bla bla OX App Suite Using Clients

Open-Xchange Server VoipNow User Manual

The document may be copied in whole or in part, provided that each copy contains this copyright notice.

I. Configuring Digital signature certificate in Microsoft Outlook 2003:

Match My . Set-Up Guide for Professional and Group Editions of Salesforce.com. MultiMatch Version 2.8.4

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Using Entrust certificates with Microsoft Office and Windows

End-User Reference Guide

Open-Xchange Outlook OXtender

Receiving Secure from Citi For External Customers and Business Partners

Encrypting with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER

ADP Secure Client User Guide

ADP Secure Client User Guide

End-User Reference Guide

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Ciphermail for Android Quick Start Guide

Product Guide Revision A. McAfee Secure Web Mail Client Software

Center for Faculty Development and Support. Gmail Overview

IBM Aspera Add-in for Microsoft Outlook 1.3.2

Product Guide Revision A. McAfee Secure Web Mail Client Software

Encryption. How do I send my encryption key?

Outlook Web Access Tipsheets

RSA SecurID Software Token 1.0 for Android Administrator s Guide

isecur User Guide for iphone

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Secure User Guide

WatchDox Administrator's Guide. Application Version 3.7.5

Mac OS X User Manual Version 2.0

Secure File Transfer Guest User Guide Updated: 5/8/14

How to sync Office 365 with Gmail

CIPHERMAIL ENCRYPTION. CipherMail white paper

Using Voltage Secur

Published : License : None

Encrypting your Communications using PGP

Djigzo S/MIME setup guide

1. How to Register Forgot Password Login to MailTrack Webmail Accessing MailTrack message Centre... 6

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

Getting Started Guide Unix Platform

Sending an Encrypted/Unencrypted Message. Let's Begin: Log In and Set Up Security Questions. Create Additional ProMailSource Accounts:

Welcome to ncrypted Cloud!

How To Pay With Worldpay (Hosted Call Centre)

Instructions For Opening UHA Encrypted

OX Spreadsheet Product Guide

Unifying Information Security. Implementing Encryption on the CLEARSWIFT SECURE Gateway

RMFT Web Client User Guide

The KGpg Handbook. Jean-Baptiste Mardelle Rolf Eike Beer

Background Information

Signatures. Advanced User s Guide. Version 2.0

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal

Issue 2EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

USER GUIDE WWPass Security for (Outlook) For WWPass Security Pack 2.4

Cofred Automated Payments Interface (API) Guide

FTP-Stream Module: InstantShare End User Guide

DigiDelivery Client Quick Start

Bridging People and Process. Bridging People and Process. Bridging People and Process. Bridging People and Process

6. Is it mandatory to have the digital certificate issued from NICCA? Is it mandatory for the sender and receiver to have a NIC id?...

ing from The E2 Shop System address Server Name Server Port, Encryption Protocol, Encryption Type, SMTP User ID SMTP Password

User Guide. Time Warner Cable Business Class Cloud Solutions Control Panel. Hosted Microsoft Exchange 2007 Hosted Microsoft SharePoint 2007

Remember, this is not specific to your address alone... the METHOD you retrieve your is equally important.

Reading an sent with Voltage Secur . Using the Voltage Secur Zero Download Messenger (ZDM)

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

TABLE OF CONTENTS. Legend:

Using etoken for Securing s Using Outlook and Outlook Express

Initial Setup of Mozilla Thunderbird with IMAP for OS X Lion

WatchDox for Windows User Guide. Version 3.9.0

Open EMS Suite. O&M Agent. Functional Overview Version 1.2. Nokia Siemens Networks 1 (18)

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

DESlock+ Mobile allows you to encrypt and decrypt and attachments, text and files on your ios device.

Policy Based Encryption Z. Administrator Guide

DocuSign Quick Start Guide. In Person Signing. Overview. Table of Contents

Releasing blocked in Data Security

DIGIPASS CertiID. Getting Started 3.1.0

USC Marshall School of Business ShareFile_With_Outlook_Client_v2.docx 6/12/13 1 of 9

Secure Recipient Guide

Netop Remote Control Security Server

Can I manually trigger secure to encrypt a message that does not contain PI or other sensitive information? Yes, by use of the word TID.

Configuring Mozilla Thunderbird to Access Your SAS Account

MSGCU SECURE MESSAGE CENTER

Magento Integration Manual (Version /24/2014)

Print Management. User's Guide

Prerequisite. Getting Started. Signing and Encryption using Microsoft outlook 2007

Open-Xchange Server Backup Whitepaper

How to Send an Encrypted via KDADS' Outlook Client or Outlook Web Application

Encrypting and signing

Encryption User Guide

Nokia for Business. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

Protection for your account

Matrix Technical Support Mailer - 72 Procedure for Image Upload through Server in SATATYA DVR,NVR & HVR

THUNDERBIRD SETUP (STEP-BY-STEP)


PANDA CLOUD PROTECTION / Administrator s Manual / 1

Getting Started with StoreGrid Cloud

Transcription:

Open-Xchange Guard Major Release v2.0.0 Feature Overview V1.4

2015 Copyright Open-Xchange Inc. This document is the intellectual property of Open-Xchange Inc. The document may be copied in whole or in part, provided that each copy contains this copyright notice. The information contained in this document was compiled with the utmost care. Nevertheless, erroneous statements cannot be excluded altogether. Open-Xchange Inc., the authors and the translators are not liable for possible errors and their consequences. The names of software and hardware used in this document may be registered trademarks; they are used without warranty of free usability. Open-Xchange Inc. generally follows the spelling conventions of the manufacturers. The reproduction of brand names, trade names, logos, etc. in this document (even without special marking) does not justify the assumption that such names can be considered free (for the purposes of trademark and brand name regulations). Copyright 2015, Open-Xchange Inc. - 2 -

Table of Contents 1 Objective of this Document... 4 2 OX Guard PGP Mail Support In General... 5 2.1 In General... 5 2.2 Advantages / Disadvantages of the current system... 5 3 OX Guard PGP Mail Support Function... 7 3.1 General Function Overview of new PGP Support... 7 4 OX Guard PGP Mail Support Usability... 9 4.1 General Handling... 9 4.2 Sending encrypted Emails... 9 4.3 Reading encrypted emails... 10 4.4 Access for external recipients... 10 4.5 PGP Encryption Settings... 11 4.5.1 General Settings... 13 4.5.2 Administering Keys... 13 5 OX Guard Drive Support Usability... 14 Copyright 2015, Open-Xchange Inc. - 3 -

1 Objective of this Document This document provides an overview of the major new features that will be available in the OX Guard v2.0.0 release. The objective of this document is to help Open-Xchange customers and partners understand the logic behind these features and changes, especially the reason for enhancements in usability. Copyright 2015, Open-Xchange Inc. - 4 -

2 OX Guard PGP Mail Support In General 2.1 In General OX Guard is a fully integrated security add-on to OX App Suite that provides end users with a flexible email and file encryption solution. OX Guard is a highly scalable, multi server, feature rich solution that is so simple-to-use that end users will actually use it. With a single click a user can take control of their security and send secure emails and share encrypted files. This can be done from any device for both OX App Suite and non-ox App Suite users. The browser-based reader for non-ox App Suite users is also perfect for advertising and viral user acquisition. Based on customer feedback we have now implemented a solution using standard PGP encryption. With the release of OX Guard v2.0.0, Open-Xchange uses PGP for the encryption email and files. 2.2 Advantages / Disadvantages of the current system Why was a proprietary solution used in the first versions of OX Guard? Open-Xchange held the content key (the AES key) separately enabling: o Retraction of files/emails o Expiration dates o Positive verification of when/if items are decoded Open-Xchange created the Public/Private Keys o This meant identity was essentially guaranteed, as it was associated with the OX account Simplification o Keys were centralized in Guard. There were no extra public repositories. This means: Corrupt/expired/invalid/or malicious public keys in the public repositories are possible Guard had a key, or it created one. Guest users were taken to our user interface creating upsell opportunities The main disadvantage with using a proprietary solution was that it meant that email and files could not be opened by any system other than Guard. In addition, due to the Copyright 2015, Open-Xchange Inc. - 5 -

nature of how Guard managed the keys (for example for expiration and retraction), offline use was not possible. Copyright 2015, Open-Xchange Inc. - 6 -

3 OX Guard PGP Mail Support Function 3.1 General Function Overview of new PGP Support PGP has been around for a long time, yet really hasn t caught on with the masses. This is generally blamed on the barriers caused by the confusion and complications of managing the keys, understanding trust, PGP format types, and lack of trusted central key repositories. Guard simplifies all of this, making PGP encryption an easy one-click process, with no keys to keep track of; yet the options of advanced PGP management for advanced users that understand how to do this. Guard minimizes these barriers to use by implementing the following: Very large, trusted PGP Public key store with Guard o All OX users with Guard installed will have automatic keys created o All Public keys are created from the account, so identity is certain All public keys that are created by Guard will be shared with all users, through a standard PGP API Public keys uploaded by a user (unverified) are shared within the context only o Guard servers query each other through DNS record and the HKP protocol. Hides most of the PGP Public key complexity for most users. If Guard has a PGP Public key for the recipients, it will just use it. If it does not have the key it will mark the recipient and create a "Guard Guest" account for the user just as it does now. o Guest users will get an email with the password and link as before. o The Guest user, once logged in, will be able to download his/her public/private key that was created for them, or upload their preferred public key for future emails. Users who don t know about PGP will just use the Guest account as before to read / reply. o Guest users, with PGP knowledge, can have the email sent directly to them in PGP format rather than as a Guest link Users can download their PGP keys to use with their offline email clients (Thunderbird, GPG Mac Mail, etc.) Advanced users, after being verified through their OX App Suite login, can upload their own PGP Public key to be used for encryption, keeping their PGP Private key locally for their personal use. For example: Copyright 2015, Open-Xchange Inc. - 7 -

o Private keys used with Thunderbird or Mac mail o Drive clients, if applicable, could access Private Keys on the local machine Keys held either in centralized location, or possibly associated with address book Copyright 2015, Open-Xchange Inc. - 8 -

4 OX Guard PGP Mail Support Usability 4.1 General Handling By creating a solution as outlined above, Open-Xchange hopes to create a PGP experience be very similar to current OX Guard experience. As before the user sends an encrypted email by just pressing the lock symbol. Advanced users can manage the keys directly, but for the general user, everything will just be managed in the background. OX Guard thus makes PGP accessible to the masses, while allowing advanced users the ability to manage their keys and even withhold their private keys from OX Guard. 4.2 Sending encrypted Emails OX Guard v2.0.0 provides a completely new sending concept based on PGP. The following options exist: Sending an encrypted email. Only you and the recipient can read the email content. Sending an Email along with a signature. The signature ensures that the recipient is able to recognize whether the email content has been changed during transport. Sending an encrypted email with a signature. From the compose new email page the user has to click on the encrypt icon in the top right corner. It is also possible to click on security options on the left of the window. In this area, the user can also enable Guard. In order to sign the email the user simply has to enable the "Sign email" checkbox. Copyright 2015, Open-Xchange Inc. - 9 -

By default, Guard sends emails using PGP Mime, which is the most robust and standardized way to send PGP emails. For compatibility with some older systems, Guard can also send PGP emails using PGP Inline. When sending email to external recipients, a dialog within OX App Suite is displayed, that allows the creation of an additional message for those recipients when they receive an encrypted email. 4.3 Reading encrypted emails In order to read an encrypted email the Guard security password is required. When the user selects an encrypted email, indicated by with encrypted icon, it is necessary to enter the Guard security password in the detail view. The user can define how long the security password remain active. Please Note: Replies to encrypted emails have PGP encryption automatically enabled. 4.4 Access for external recipients Users can send encrypted mails to external recipients (like Gmail, Yahoo etc.) who are not OX App Suite users. When sending an encrypted mail to an external recipient, the following happens: A special account will automatically be set up for the external recipient. The sender defines whether the external recipient receives an automatically created notification about the encrypted mail or a customized notification. Copyright 2015, Open-Xchange Inc. - 10 -

The external recipient receives an email with the notification and a system generated password (secure and random). Depending on the OX App Suite and Guard configuration the sender can also send a 4-digit pin to the recipient to proved additional security to the systemgenerated password. The external recipient receives an email with a link to a login page (Guard Guest Mode) for the special external account. The external recipient enters the system-generated password on the login page. After this the recipient has to change the system generated password. In order to be able to reset the account in case of a password loss, a security question and the correct answer has to be specified. The encrypted mail is then displayed. The external recipient can then send an encrypted reply to the mail. 4.5 PGP Encryption Settings OX Guard v2.0.0 now has a new settings page in the user settings. From this page the user can change the following general options: Administer the Guard security password from the Guard security settings. Change the default settings for sending secure emails from the Guard default settings. The user can administer the PGP keys. Copyright 2015, Open-Xchange Inc. - 11 -

Copyright 2015, Open-Xchange Inc. - 12 -

4.5.1 General Settings The first settings on the page are as follows: Default to Guard PGP when composing email o Defines whether all new emails get encrypted with PGP by default. Default signing of outgoing PGP mails o Defines whether all new email is signed with PGP by default. Use PGP inline (compatibility) o Defines whether encryption is done via the "PGP inline" implementation. Users should only uses those settings if the mail client of the recipient does not support PGP MIME. For example "mailvelope" users will require the email in PGP inline format. Note: Due to limitations in the "PGP Inline" specification the user cannot send emails in html format. 4.5.2 Administering Keys In order to send or receive encrypted messages the administration of keys is typically not required. However the following functionality is supported by OX Guard v2.0.0. if required: If the user wants to use their private Guard PGP keys in other mail clients, e.g. in local mail clients, it is possible to download the private PGP key. If the user has PGP keys from other PGP applications, these keys can be uploaded The user has an external partner's public key. In order to send encrypted messages to this external partner without having to access a key server, he can import the partner's public key into Guard. The user wants to provide his public key to a recipient to receive encrypted emails; public keys can be downloaded or attached to emails here. Copyright 2015, Open-Xchange Inc. - 13 -

5 OX Guard Drive Support Usability OX Guard v2.0.0 will support "one person only" encryption. This means that a file can be encrypted by an OX App Suite user, but only for his own usage. For example, an ID document could be uploaded to OX Drive and then encrypted. But only the OX App Suite user himself can decrypt it. It is not possible to encrypt the file with multiple public keys (for example for other users like in email). If the user would like to share an encrypted file for multiple public keys he should send it via encrypted email to the corresponding contacts. Copyright 2015, Open-Xchange Inc. - 14 -

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information