Choosing The Right Email Encryption Solution

user-setupIn the past, email encryption was an expensive, complicated technology reserved for large enterprise organizations.  However, many new providers are offering excellent technology at affordable prices.  Selecting an email encryption solution still takes a little effort, but the having an easy-to-use, secure solution that is simple for your recipients is still the goal.

At FiLink, we've started the process for you by researching the top solution providers and filtering out the expensive, complicated, and mediocre options.  After serving our customers for over 10 years, we have first-hand knowledge of which features are vital, and made sure they were included in any solution we offer.  The Cisco Ironport C Series and ZixCorp ZixGateway stand out as excellent choices, and the ones we offer in our managed cloud.

ZixCorp ZixGateway vs. Cisco Ironport C Series

So which one is right for you?  Both are simple, secure, and priced the same.  The differences are subtle, but important.  Here's what you need to know.

Push vs. Pull

The Cisco Ironport C Series uses the "push" encryption method, while the ZixGateway uses the "pull" encryption method.  The "push" method used by the Cisco Ironport C Series wraps your original message in a secure attachment with a notification email, and delivers the entire package to your recipient.  To read the message, your recipient opens the attachment in their web browser, authenticates and views the message.

The ZixGateway uses the "pull" method.  Instead of an attachment, the ZixGateway provides a link for you recipients to click on in the notification email, which directs them to a secure portal to authenticate and view your message.

From a recipient's perspective, the process looks the same.  Receive a message, open a browser, authenticate, and view the message.  However, there are some differences.  With the push method, your message "lives" on your recpients desktop (or Inbox), and nowhere else.  The recipient can go back and open that message any time, forever.  However, the attachment isn't nearly as mobile-friendly as a link, and takes a few more steps to authenticate.  With the pull method, the secure portal is optimized for quick authentication and mobile-friendly display.  But, your message expires after 14 days.  In most cases, this isn't an issue, since recpients can download any attachments and save them to their desktop.

Questions to Ask

1.  Do I need an easy solution for mobile users to view my messages?

2.  Do I need my recipients to be able to access my messages for more than 2 weeks?

Shared Keys and Inbound Decryption

One of the largest differences between the Cisco Ironport C Series and ZixCorp is the use of shared keys.  ZixCorp maintains a network of shared encryption keys called the ZixDirectory that they use to allow inbox-to-inbox encrypted messaging.  For example, if the insurance provider, hospital or bank you send encrypted messages to is also a ZixCorp customer, your message will be decrypted by their ZixCorp service before it reaches their inbox.  This decryption happens INSIDE their secure network, so you it is still very much compliant with Federal and State encryption requirements.  Obviously, having a normal message in your inbox is preferable to having an encrypted message that you have to decrypt.

This directory also allows decryption of replies to your messages.  When you send a customer a document, for example, and they return it with sensitive information, your ZixCorp gateway service will decrypt that message so you won't have to go to a portal to view it.  It is just a normal message in your inbox.

The ZixDirectory is massive, comprised of thousands of hospitals, major insurance providers, banks, credit unions, the Federal Reserve and State oversight boards, physicians offices and individual companies.  The network covers nearly 30 million users.  Cisco Ironport simply does not have this functionality.

Questions to Ask

1.  Is it important to me that replies to my secure messages are delivered as regular messages in my inbox?

2.  Do I regularly communicate with a business or organization that also uses a ZixCorp service?

 

Branding and Customization

Both Cisco Ironport and ZixCorp allow you to customize certain aspects of the notification messages and portal pages.  With Cisco Ironport, you may completely customized the notifcation message, including text, links, and adding your logo.  Your customization of the portal page itself is limited to adding a logo.  With ZixCorp, the notification message text can be branded, and the portal can be completely customized to match your website.  However, this is a licensing charge for this customization.

Branding can range from convenient to essential, depending on who the primary recpients of your encrypted messages will be.  For customers that communicate most frequently with other businesses, particulary ones that are used to seeing encrypted messages, branding is simply a convenient way to extend your corporate image.  However, if you will be communicating frequently with your own customers, branding is an essential element of building trust that your messages are authentic.

Questions to Ask

1.  Is it important that the people I communicate with most are assured that my message is authentic?

2.  Do I need to provide custom information on my portal page or notification message?