Post on 11-Dec-2015
1
Email Encryption
2
Threats To Sensitive Data
3
Client Systems
Corporate Mail Server
Recipients’ Systems
Recipients’ Mail ServerEmail at
RiskEmail at
RiskEmail at
RiskEmail at
RiskEmail at
Risk
In Motion
Email is Vulnerable at Multiple Points—SSL/TLS Security Alone is Not Sufficient
Email Resides at Multiple Points
Internet
Where Is Sensitive Data At Risk?
5
% o
f Org
aniz
ation
s
0%
35%
<$10,000
15%
20% 21%
10%
33%
5%
10%
15%
20%
25%
30%
Cost
Up to $50,000
Up to $100,000
Up to $500,000
More than $500,000
Source: Osterman Research Email Security Trends 2008
Cost Of Email Or IM Data Breach
Risk Posed By Various Communication Media
6
0%
60%
Voice-over-IP(VoIP)
Telephony
45%
20%
31%
56%
19%
10%
20%
30%
40%
50%
Communication Media
Enterprise Instant
Messaging
Wireless Voice (Cellular and Text
Messaging)
Wireless Data
51%
Consumer Instant
Messaging
% R
isk
or S
igni
fican
t Ris
k
Source: Osterman Research Email Security Trends 2008
7
Email Encryption Laws
NevadaOn October 1, 2008, the law prohibits any business
in Nevada from sending a customer’s personal information through an electronic transmission—
except via fax—unless the business uses encryption to ensure the security of the
transmission.
The law stipulates that all email, website, and other forms of Internet based communications that involve the personal
information of customers must be encrypted.
8
Email Encryption Laws
MassachusettsOn September 22, 2008, the state of
Massachusetts released the final Massachusetts Regulations (201 CMR 17.00). Those regulations,
effective March 1, 2010, are the most comprehensive encryption requirements imposed
on companies by any state
The Regulations require companies to encrypt all personal information transmitted electronically or
wirelessly. In Massachusetts, businesses must also encrypt all personal information stored on laptops and other
portable devices.
9
PGP Desktop Email
10
Automated End-to-End
Email Encryption
Maintain Corporate Access to
Encrypted Data
Protect Intellectual Property,
Customer Data, and Brand
Equity Secure and Simple
Email Protection
Group Test: Email Security
“PGP® Desktop Email continues to set the standard for pure email security in an enterprise environment… We rate it our Best Buy.” 2008
PGP Desktop EmailAdvantages
11
Email at Risk Email at Risk Email at Risk
In Motion Recipients’ Systems
Recipients’ Mail Server
Email at Risk Email at Risk
Client Systems
Corporate Mail Server
Internet
End-to-End Email Encryption ProtectsEmail in Motion and at Rest
PGP® DesktopEmail
PGP® DesktopEmail
PGP® SupportPackage for BlackBerry®
PGP® DesktopEmail
PGP® DesktopEmail
PGP® SupportPackage for BlackBerry®
PGP Desktop EmailHow It Works
12
Management Server Sender Recipient
Easy, Automatic Operation
Enforced Security Policy
End-to-End Encrypted Email
PGP Desktop EmailDeployment
13
Secure Business Communication
Automated, End-to-End
Email Encryption
PGP Support Package for BlackBerry Advantages
Centralized
Management and Policy
Enforcement
Multi-layer Defense
for Customer Data
14
PGP Support Package for BlackBerry Deployment
BlackBerry® Client Recipient PGP Universal™ Server BlackBerry® Enterprise Server
Logs, Policy, Keys
Enforced Security Policy
Easy, Automatic Operation
Reduced Operational Costs
15
PGP Universal Gateway Email
16
SC Magazine: Best Buy
Protect Intellectual Property,
Customer Data, and Brand
Equity Centralized Management, Deployment,
and Policy
PGP Universal Gateway Email Advantages
Expand as Needed
Flexible Clientless
Email Delivery Options
“PGP delivers a top-notch encryption gateway that is easy to use and contains excellent policy enforcement features. Setting up the Universal server was incredibly easy. The interface is very intuitive and is one of our
favorite interfaces.” 5 stars, March 2010
17
Email at RiskEmail at RiskEmail at RiskEmail at Risk Email at Risk
Internet
PGP Universal™ Gateway Email Secures All Communications
PGP® Desktop
PGP Universal™
Web Messenger
PGP® PDF Messenger
PGP Universal™ Gateway Email
+PGP Universal™
Server
Recipients’ Systems
Recipients’ Mail ServerIn Motion
PGP Universal Gateway Email How It Works
18
PGP Universal Gateway Email Deployment
Desktop Client PGP Universal™ Gateway Email Recipients
Enforced Security Policy
Easy, Automatic Operation
Reduced Operational Costs
19
PGP PDF Messenger
21
ReduceCost and
Accelerate Process
Protect Intellectual Property,
Customer and, Brand Equity
PGP PDF MessengerAdvantages
Increase Your Competitive Advantage
Guarantee Secure
Document Delivery
SC Magazine: Best Buy
“The administrative interface is very slick. The centralized, yet granular, policy management – via Universal Server – makes integration into the enterprise easy to accomplish. Encryption and signing
internal emails is completely transparent to both parties, with a choice of using S/MIME or OpenPGP. External users without an encryption client can receive messages via
a Webmail interface or PGP’s PDF Messenger.” 2008
22
Email sent to recipient—no special action taken
by sender
PGP PDF MessengerHow It Works
PGP Universal Gateway Email processes email and applies
policy, then sends as password-protected PDF
(message not stored)
Recipient receives email; opens secured message with
PDF reader
Desktop Client PGP PDF Messenger Recipients
1 32
23
Recipient receives email; directed to authenticate and retrieve passphrase
User opens PDF with password from PGP Universal
Gateway Email “receipt”
PGP Universal Gateway Email displays Secured PDF password; logs “receipt” of delivery
PGP PDF MessengerHow It Works (Certified Delivery)
Desktop Client PGP PDF Messenger Recipients
1 2 3
24
Just to name a few…
ExamplesSecure Statement Of Delivery
25
PGP Desktop Email 10.0PGP Mobile Email 3.0Updates
26
Outlook Encrypt & Sign Buttons (DTE)
Description: - New Encrypt and Sign buttons on Outlook* to allow users manual control
Benefits:- One click security options- Enables compliance with digital signature laws- Increases options to protect sensitive data- Allows companies to hold individual end users
liable- Enables legally binding digital signatures
* Outlook for Windows onlyNOTE: GWE has manual options for users ([PGP], Important flag, on client Outlook lock or other icon can be coded in
27
Description: - Adds 2 new offline policy options
-send unencrypted** or -use latest locally cached policy*
to existing block** messages policy
Benefits:- Enables policy enforcement when offline- Emails can be sent when offline- Per user group options
* Managed DTE only** Managed and unmanaged DTE
Enhanced Offline Mail Policy (DTE)
28
Description: - Adds timing options for log uploads
and policy updates
Benefits:- Improved performance - Increased options and control- Increased # of clients Universal
Server can manage
Enhanced Policy Update Options (DTE)
29
Description: - Adds Lotus Notes native encryption option for
internal email traffic- Architecture enhancements
Benefits:- Improved integration and encryption options
in Lotus Notes environments - Improved performance & functionality
- By leveraging latest LN APIs
Lotus Notes Enhancements (DTE)
30
Description: - PGP Universal Server decrypts archived
encrypted email
Benefits:- Enables compliance with company archiving and regulatory requirements- Multiple archiving options after decryption
Archival Output Of Encrypted Emails (DTE)
31
Description: - Universal Server now has a user
interface for PGP Mobile management
Benefits:- Convenience; easier to manage
UI For Management Of PGP Mobile
33
Existing Infrastructure
PGP Encryption Solutions
PGP Encryption Platform
3rd Party Solutions
Custom Applications
Commercial Software
Commercial Hardware
EmailFile Disk and Device
MainframeMobile Devices
PGP Encryption Platform
Key Lifecycle Key Storage Authentication / Authorization
Automated Operations and Provisioning
Policy Management
AuditingReporting Logging
Thank you!
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Thank you!
34
Sisoftbiuro@sisoft.pl+48 12 443 14 07