Data & Application Security

Webmail has become an increasingly indispensable communication tool for organizations. But with the existence of widespread treacherous cyber risks like unwanted tampering or interception, organizations have recognized the importance of implementing a robust webmail security solution to counteract such perilous webmail threats.

SecureWebmail is an end-to-end webmail security solution that comes with state-of-the-art authentication, encryption and digital signature capabilities. It transparently signs and encrypts webmail based on S/MIME standard to ensure it is securely exchanged among all mainstream webmail applications.

Seamless Integration With Most Email Applications

SecureAge SecureWebmail works seamlessly with most enterprise webmail system like Outlook Web Access, Domino Web Mail and Sun Messaging Servers. Optional support to public webmail system like Hotmail and Yahoo Mail are also available. This means it can be readily used your current enterprise webmail system without modification.

Support S/MIME V2, V3 and V3.1 Email Compression

SecureAge SecureWebmail supports S/MIME (Secure / Multipurpose Internet Mail Extensions) security for webmail access to enterprise email system based on Exchange, Lotus Domino and Sun Messaging Servers. S/MIME provides cryptographic security services to encrypt and decrypt webmail, thereby ensuring authentication, message integrity, non-repudiation and data confidentiality.

It also supports the latest S/MIME v3.1 with email compression, which reduces standard webmail sizes by as much as 70 percent. This speeds up data processing during encryption, as well as network transmission in environments with slower network bandwidth.

Support Digital Signature and Encryption with Unlimited Key Length

SecureAge SecureWebmail supports unlimited key length RSA algorithms, 168-bit Triple-DES, and 256-bit AES encryption to ensure that your transmitted webmail messages and attachments are fully secured and not tampered with. When strong algorithms and larger keys are used, attackers will need to spend more computing resources and longer time to decipher the encrypted data. Currently, Triple-DES, AES (Advanced Encryption Standard) and RSA encryption algorithms are considered to be strong enough to ward off any brute force attack.

Support Unlimited Key History

SecureAge SecureWebmail allows for unlimited key history and automatically selects the correct ones for users to decrypt old emails. This solves the problem of users being unable to decrypt past emails because encryption keys were renewed.

Automatic Retrieval of Recipients’ digital Certificates

SecureWebmail comes with certificate and key management features for easy certificate management. When sending an encrypted webmail, it automatically looks up the recipient’s certificate via the LDAP (Lightweight Directory Access Protocol) repository or active directory. Once found, it imports the certificate to your personal certificate store.

It also allows you to expand group emailing lists, which is especially useful when sending encrypted emails to some recipients listed in a group email address. SecureWebmail automatically traces individual encryption keys of each recipient, then encrypts the webmail accordingly.

Support Certificate Revocation Checking

SecureAge SecureWebmail comes with a comprehensive CRL (Certificate Revocation List) checking and automatic updating capability. All the digital certificates are automatically checked for their validity. If any certificate is found to be revoked, it will automatically locate the newer certificate and replace the old certificate with the new one.

Support Online Certificate Status Protocol (OCSP)

SecureAge SecureWebmail also provides online certificate revocation validity checking via OCSP. It is an ideal option for organizations that require more timely revocation information. Digital certificates are considered as valid only after OCSP responder provides a positive response to the status request issued by OCSP client.

Support Smart Card and USB Token

SecureAge SecureWebmail supports smart card or USB token to enable the best PKI security with tamper resistance and two-factor protection. Digital certificates, when are used in conjunction with smart card and USB token, will provide the highest security in controlling access to sensitive email messages and attachments.

Support User Defined Encryption Algorithms

SecureAge SecureWebmail supports user defined encryption algorithms. To further boost the security strength of their enterprise webmail system, government regulators or organizations can choose to incorporate their own developed proprietary encryption algorithms into SecureAge® SecureWebmail, together with or without the standard encryption algorithms.

Help Achieve Regulatory Compliance

SecureAge SecureWebmail helps organizations to fulfill regulatory compliances like Sarbanes-Oxley Act of 2002 (SOX), Health Information Portability and Accountability Act of 1996 (HIPAA) and the Gramm-Leach-Bliley Act of 1999 (GLBA). This is done by encrypting webmail messages and attachments to protect the confidential information.

SecureAge SecureEmail

Apart from securing webmail, SecureAge client also provides SecureAge SecureEmail solution to transparently sign and encrypt email based on S/MIME standard. It works seamlessly with most email platforms like Lotus Notes, Microsoft Outlook, Sun Messaging Server, Outlook Express, Netscape Messenger and QualComm Eudora.