Home>Solutions>Enterprise email encryption

3.Enterprise Email Encryption Solution

In recent years, email attacks against enterprises have increased, and many large companies have suffered heavy losses. Therefore, enterprise email security is also an urgent problem to be solved. Now, many enterprise email systems have been migrated to the cloud and directly use cloud service providers' cloud email service. How to ensure that email content in cloud email server will not be illegally used and compliance is an urgent problem to be solved, and employees mobile working and use own device and other related issues are a big challenge to enterprise email security.

We believe that the most effective email security protection is to protect the content of the email itself, whether it is using a self-built email system or a cloud email service. To ensure the security and confidentiality of enterprise email, the content of the mail itself must be encrypted. Encrypt every outgoing email to ensure the confidential, add a digital signature and timestamp to every outgoing email to ensure the credibility, prevent fraud email, and ensure that the time of sending email is credible.

Enterprise simply deprecate the current used email client software and use MeSince® to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. At the same time, we recommend that enterprise deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of email security.

Using MeSince for end-to-end email encryption will enable enterprise to truly implement mobile working, which not only meets the urgent needs of mobile working, but also meets the high security requirements for enterprise email.

As shown in the following figure 1, in order to ensure that the encryption key is highly secure and controllable, enterprise only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. Remote office staff must be able to connect to KM device via VPN. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Of course, enterprise can also build their own CA without using the MeSince default CA.

As shown in the following figure 2, enterprise can also build their own CA to issue certificate for its users instead of using the MeSince default CA. MeSince provide a plug-and-play CA device that just need to connect to internal network, MeSince APP will get the signing certificate and encryption certificate from this in-house CA system, not from MeSince default CA.

In other words, MeSince encryption solution allows enterprise to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key and/or issue the certificate by itself even the application environment is untrustworthy.

For more detail of this solution, please contact us.