Sophos PureMessage for UNIX

Sophos Email Security and Data Protection

SPX Encryption

Overview:

SPX Encryption protects email data in-transit and helps organisations comply with federal and state regulations through simple administration and a transparent, seamless user experience.

Key Benefits

Simple setup: get up and running in under 10 minutes
Familiar end-user experience — no changes to user workflow
Tightly integrated with Sophos DLP engine with hundreds of pre-defined sensitive data types across multiple geographies
Immediate compliance with email data protection regulations
No software client installation required
Offline viewing without an active internet connection
Does not look like a phishing attack like many pull-based webmail solutions
Fully customizable template management and branding options
Flexible password management options with self-service password recovery options
Integrated secure reply functionality
Integrates with Microsoft Active Directory for simple policy administration and reporting
Utilizes 128-bit AES (FIPS compliant) encryption
Support for popular mobile smart phone devices such as Blackberry and Windows Mobile
Includes 24x7x365 support for the duration of the licence and Sophos can be contacted for oneto- one assistance at any time

How it works

What’s New:

This release features new enhancements to SPX Encryption for Sophos Email Appliances, to improve usability, ease administration, tighten security, and expand branding.

Key new features

Password Recovery

Save time and minimize help desk requests while improving user experience with new self-help password recovery and reset options.

New options for users to change, reset, or recover passwords.
Users can recover or reset a forgotten password without administrator involvement.
Strong password requirements are clearly articulated and checked as passwords are entered making compliance easy for users.

Security

Enjoy improved security to keep your sensitive messages secure with several new security features.

Challenge question options for password reset and recovery can be established to enhance security.
Enforce strong passwords including minimum length and special characters.
A new option requires users to login to the SPX Portal before sending a secure reply, ensuring unauthorized access to the user’s email does not also provide access to the SPX portal.

Branding

Provide a more consistent branded experience for users with new message branding and language options.

Brand SPX messages with custom header and footer images (see example on the next page).
Template language selection now affects an expanded number of SPX features, including the language used in the SPX portal and the labels displayed in encrypted messages (From, To, Subject, et cetera)

Features & Benefits:

Simplified administration

Traditional encryption solutions are expensive, require significant expertise to setup and administer, and often result in a complex end-user experience. Sophos SPX Encryption integrates strong encryption into Sophos Email Appliances, bringing data protection without the costs and complexity of traditional certificate based solutions. With SPX Encryption organizations can:

Get up and running in under 10 minutes
Use the flexible policy wizard to easily define encryption policies. Rules can be based on a variety of attributes including the presence of sensitive data (as determined by the DLP engine), sender, recipient, message content, attachments, message header attributes and more.
Enable swift compliance with PCI, HIPAA, and other local or state government policy and regulations relating to secure email communications and data protection.
Immediately protect customers sensitive data and corporate intellectual property or confidiential corporate information from unauthorised access via email

A seamless user experience

With SPX Encryption, there are no disruptive changes to users workflow, allowing them to interact with their email as they always have. For example, Sophos SPX Encryption does not require any client software installation as it uses ubiquitous and cross-platform PDF reader software. As a result, SPX encrypted messages are supported on all smart phone platforms that have native or third party PDF file support, including BlackBerry and Windows Mobile devices.

Secure reply capability is integrated into all encrypted messages enabling recipients to send an encrypted response through the appliance without any encryption infrastructure required on their end. Furthermore, offline viewing provides critical support for mobile workers who require email access even when they don’t have an active internet connection.

Password establishment and branding

Flexible password management options enable you to provide a user experience that best fits with your business model:

User registration: First time users are required to register on a secure web portal to establish a password that is then used for all future encrypted correspondence.

Auto-generated: The password is generated automatically by the appliance and provided to the sender to communicate to the recipient out-of-band.

Web service: This service allows an organisation with an existing authentication infrastructure, pre-existing accounts and passwords to share data with the Sophos.

Self-help password recovery options reduce help-desk calls and eliminate user frustration all while keeping sensitive information secure.

SPX Encryption’s flexible branding options helps ensure the integrity of the corporate brand, maintain trust and provide comfort and familiarity for recipient. Branding options include completely customizable email templates, cover pages, and portal sites.

SPX Encryption Screenshot