With an increase in regulatory pressures, identity theft, and highly publicized security breaches in the media, companies that do not encrypt emails containing sensitive information are at risk of regulatory fines, lawsuits, negative PR and a loss of company intellectual property.
Companies dependent on building a relationship of trust with their customers and business partners cannot afford to risk such potential damages to their brand images. Email encryption is therefore an important piece of the security puzzle: it protects your company, your customers and business partners. The question then becomes how to implement this critical business process.
How Reflexion Email Encryption Works
RTCEncrypt allows customers to communicate, seamlessly and securely — inbox to inbox — with no sender/recipient authentication necessary.
There is no end-user change in behavior and there is no software to install or configure.
Protect your customers and yourself by encrypting sensitive email with RTCEncrypt. Now you can easily ensure privacy and meet regulatory compliance requirements with cost-effective email encryption.
Messages are encrypted in one of three ways:
Force Phrase Keyword
The user simply adds a predetermined encryption phrase to the subject of the email. For example, any messages with “Secure” in the subject line will be encrypted.
Encryption Policy Tripping
Administrators can configure encryption policies to automatically detect the presence of personally identifiable information such as social security numbers. When such information is detected in the body of an email message, that message will be encrypted.
Mark as Confidential
Finally, Outlook users can mark a message as confidential in the Options > More Options menu of any email message.
Anyone who receives an encrypted email will be directed to the secure message portal, where the message can be retrieved. There is a one-time account setup for recipients; once an account has been created, messages can be read and replied to. Past messages will remain available inside the secure message portal as long as they haven’t expired or been deleted.
The Power of the Network
This unmatched approach to email encryption is accomplished by enrolling customers in the Directory, a global encryption key repository that has almost 30 million members and is growing by over 100,000 new members per week.
Customers eliminate the need to build their own directories of encryption keys and instead leverage the hosted and shared secure network, which includes:
- The U.S. Federal Banking Regulators and the SEC
- More than 1,200 financial institutions
- 20 state banking regulators
- More than 1,000 U.S. hospitals
- More than 30 Blue Cross Blue Shield institutions
- Three out of the five largest U.S. health insurance companies
Policy-Based Email Encryption
Reflexion’s email encryption service offers the ability for a company to encrypt outbound emails based on content, sender, and recipient.
Features for senders include:
- Centralized, policy-based email encryption for regulatory compliance
- Automatic retrieval and distribution of public encryption keys, enabling transparent email encryption between all encryption customers
- Automated content scanning of messages and attachments, providing transparent encryption for senders
- Ability to encrypt, reroute or block emails based on company policy
- “Push” recipient delivery method: sending an encrypted email directly to a recipient’s inbox enables secure read, reply and forward capability
The secure message portal for recipients includes:
- “Pull” recipient delivery method, including custom branding based on your company’s needs
- Hosted and maintained in SysTrust-certified and SAS-70 type II accredited data centers
- Encrypted read, reply and save capabilities for recipients
- Secured compose capability for your business partners, customers, members, patients and others
- Unique support for smartphones and tablets
The full content scanning of messages and attachments enables companies to comply with industry regulations with the help of predefined lexicons that automatically encrypt, reroute, or block email messages containing financial (GLBA), healthcare (HIPAA), PHI, PII and profanity content. Encryption can also be triggered by the sender for an individual email, or applied to all email destined for specific recipient email domains and email addresses.
These predefined lexicons will help your customers comply with each state’s data breach notification law.