Email Encryption for Federal Requirements

Digitally Sign and Encrypt Your Email Communications with Zero-Touch Deployment Across Your Enterprise

Sectigo's Corporate Email Encryption (S/MIME) solution is the industry’s first zero-touch deployment, X.509 certificate management system. This system provisions digital identities automatically to any application using traditional windows devices or mobile devices. Many popular mail apps support S/MIME, so that email certificates can be deployed across all devices in a few simple steps. For effective compliance, email encryption must be invisible, easy for the administrator to deploy, and seamless for employees to use.

The United States government is continually defending its intellectual property against cybercriminals. As government agencies have improved their cyber defense, attackers have shifted focus to U.S. defense contractors to gain access to information of strategic national importance. These attacks include stealing the weak credentials of employees to access contractor systems remotely and stealing the intellectual property stored in email, either in transit or stored on the mail server. To combat against this new threat, the government added section 252.204-7012 to the Defense Federal Acquisition Regulation. This regulation requires email encryption compliance with NIST SP800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.

Sectigo is the leading provider of strong digital identities using public key technology. These identities are valuable for a wide range of applications in the enterprise, from mobile device authentication in wireless networks to encrypting and digitally signing emails using S/MIME standard.

Sectigo's Corporate Email Encryption (S/MIME) solution offers:

  • Automatic Zero-Touch deployment of private and public S/MIME certificates with a unified management platform
  • Sending the entire encryption key history to all mails apps so even older emails can be decrypted
  • Encryption key archiving so the employee can recover accidentally destroyed keys
  • Interoperation with the secure email gateways so that the enterprise may still use mail scanners to perform their functions on encrypted and signed emails

Unified Management Platform

A single administrator console allows for the provisioning of both publicly trusted S/MIME certificates and private certificates dedicated to the exclusive use of the enterprise. The console allows for control over employee, server, and device enrollment. It effortlessly provides discovery, reporting, automated renewal without employee involvement, and revocation when the employee leaves.

The console enables crypto-agility using renewal on demand, including the ability to increase the cryptographic strength of the identity. The console automatically adopts all previously issued certificates to dramatically improve deployment, with the most popular being the certificates issued by the corporation’s Active Directory Certificate Service. These certificates can then be automatically replaced by publicly trusted S/MIME certificates. Public S/MIME allows for any S/MIME capable mail application to validate the sender’s identity and also that the email and its attachments have not been altered in transit. This is in addition to encrypting both the email body and its attachments, with no change to the unencrypted email experience.

Contact us to learn more about our Corporate Email Encryption (S/MIME) solution.

Get Industry-leading Solutions for Your Online Business

With world class solutions that identify, prevent and combat web-based threats, Sectigo helps businesses protect their customers and reach their goals.