www.ksrevenue.org
Enterprise Implementation of Secure Messaging Services
IRS/FTA CSO Conference, April 3, 2008
Timothy R. Blevins, KDOR Chief Information Officer
Kathleen Sebelius, Governor Joan Wagnon, Secretary
Secure Messaging Overview
• What is Secure Messaging
• What does Secure Messaging do
• What does the Secure Messaging architecture look like
• User Documentation
  – External User Documentation
  – Internal User Documentation
  – Mail Policies
Comprehensive Messaging Security Portfolio
Helping enterprises manage, protect, and extend Internet communications
• MailGate™: Protect email with comprehensive inbound and outbound security (Best Email Content Filtering Solution)
• SecureTransport™: Secure all data exchanges with 3rd parties with secure managed file transfer (Best Intellectual Property Protection)
• Secure Messenger™: Encrypt email at the gateway or desktop, automatically or manually (Best Email Encryption Solution)
What Does Secure Messenger Do?
• Scan all messages and attachments to identify sensitive content
• Trigger secure delivery based on corporate email policy: based on sender, recipient, and/or message content
• Encrypt email and provide access through a secure Web portal
• Send a notification with a link to the encrypted message; the recipient logs in to the secure Web server and downloads via SSL
• Track and notify of delivery
• Audit trail and reporting for regulatory compliance
Tumbleweed Secure Messenger
• Universal delivery to any recipient
  – No client-side software or certificates required
  – Encrypts email and provides access through a secure web portal
• Online and offline secure email
  – Supports pull and push methods with SecureEnvelope
• Easy to support and manage
  – Self registration, zero registration, and automated user management
  – Very large email attachment support
• Highly secure and reliable
  – Tracking by recipient, by message, and by attachment
  – Rules for message expiration, password requirements, domain limits, message size, and message quotas
• Customizable
  – Custom branding of inbox and portal
  – Multiple delivery profiles by group
Tumbleweed Secure Messenger
• Content Analysis: SSN, CCN; customer data; compliance info; personnel data; intellectual property; trade secrets; attachments
• Delivery Analysis / Policy Actions: block, allow; quarantine; return; notify managers; strip attachments; annotate; change routing
• Secure Delivery: B2B encryption; B2C encryption; Web-based delivery; offline access; tracking; auditing
• Centralized & Delegated Management: reporting, auditing, message tracking
• High Performance Appliance
Secure Messenger Architecture and Data Flow Diagram (03/17/2008)
[Diagram. Components: the internal Email User, the Internal Email SMTP Relay, the Secure Messenger server, the EMF Server, and the External User’s Personal Mailbox. The numbered flows in the diagram are:]
(1) Outbound SMTP email with #secure# in the subject is bound for Secure Messenger via the Internal Email SMTP Relay
(2) Email sent to Secure Messenger; #secure# is removed and Secure Messenger encrypts the email
(3) Notification generated; outbound notification to the Secure Messenger user
(4) Notification relayed to the user
(5) Outbound notification delivered to the external user’s personal mailbox
(6) User clicks on the link in the notification; user registration at first login; the external user authenticates to the Secure Messenger portal over SSL
(7) The external user composes and sends a secure email
(8) Secure email sent to the Dept. OR secure email sent to EMF (EMF Server)
(9) Email from Secure Messenger delivered to the internal Email User
1 – External User – Notification of Secure Mail
What can the user expect to see when a secure email is sent to them through Secure Messenger?
2 – External User – Security Certificate
• KDOR has a valid SSL certificate on the Secure Messenger server, so the browser should normally connect without any warning.
• If the user nevertheless receives a Security Alert concerning the site’s security certificate, click on Yes to proceed.
• Note that a certificate warning on a correctly configured server usually means a name mismatch, an expired certificate, or a missing intermediate certificate, and that clicking through it removes the protection SSL gives against a spoofed portal. Such warnings should be reported to KDOR rather than accepted as routine.
3 – External User – Self-Registration
• The first time a secure email is read, the user will be required to perform a one-time self-registration. During self-registration the user will be required to enter:
  o First name and last name in the first name and last name fields respectively
  o A self-assigned password, one that can be remembered, in the new password field
  o The same password again in the retype field
  o A password hint. This is important: if the external user forgets their password, they can have their password hint emailed to them. Because the hint is sent by ordinary, unencrypted email, it must not be the password itself or anything from which the password can be reconstructed.
4 – External User – Viewing the Email
• The user will have the option of composing a new email or replying to an existing email.
• When a secure email is sent to a Secure Messenger user by a KDOR employee, they will receive a notification but will not need to re-register.
• When the link from within the notification is clicked, the user will be asked to enter the password they assigned themselves during the registration process.
5 – External User – NOTES
• Once the user is logged into Secure Messenger, they will only be able to reply, forward, or send a new email to a KDOR employee.
• The user CANNOT reply, forward, or compose a new email to a non-KDOR email address (any address outside the kdor.state.ks.us domain).
• If the user deletes a message from within their Secure Messenger mailbox, it will no longer be available to them.
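The recipient restriction described on this slide is the control that keeps the portal from becoming an open relay for external users. The following is an added Python model of that check; it is not Tumbleweed or KDOR code. It assumes the agency domain is kdor.state.ks.us as stated above, that hosts under that domain (for example mail.kdor.state.ks.us) also count as KDOR addresses, and that recipients may be written either bare or as "Display Name <user@host>". It also shows why the check must compare the mailbox domain rather than look for the string "kdor.state.ks.us" anywhere in the address.

```python
# Added example (not Tumbleweed or KDOR code): the recipient restriction the
# Secure Messenger portal enforces on external users, modelled in Python.
# Assumptions: the agency domain is kdor.state.ks.us as stated on the slide;
# subdomains of it (host.kdor.state.ks.us) are treated as KDOR addresses;
# addresses may be bare or in "Display Name <user@host>" form.
import re
from typing import Optional

KDOR_DOMAIN = "kdor.state.ks.us"


def mailbox_domain(address: str) -> Optional[str]:
    """Return the lowercase host part of an address, or None if it is malformed."""
    match = re.search(r"<([^<>]+)>\s*$", address)
    addr = match.group(1) if match else address.strip()
    if addr.count("@") != 1:
        return None
    local, _, host = addr.partition("@")
    if not local or not host:
        return None
    return host.lower().rstrip(".")


def is_kdor_address(address: str) -> bool:
    """Proper check: the mailbox domain is kdor.state.ks.us or a subdomain of it."""
    host = mailbox_domain(address)
    return host is not None and (host == KDOR_DOMAIN or host.endswith("." + KDOR_DOMAIN))


def naive_is_kdor_address(address: str) -> bool:
    """The check the slide's wording ("without kdor.state.ks.us") might suggest.
    A substring test accepts kdor.state.ks.us@evil.com and
    user@kdor.state.ks.us.evil.com, so it must not be used as the control."""
    return KDOR_DOMAIN in address.lower()


def filter_recipients(recipients):
    """Split a recipient list into those the portal may deliver to and those it rejects."""
    allowed, rejected = [], []
    for recipient in recipients:
        (allowed if is_kdor_address(recipient) else rejected).append(recipient)
    return allowed, rejected


def compose_from_portal(recipients, subject, body):
    """Accept an external user's message only if every recipient is inside KDOR."""
    allowed, rejected = filter_recipients(recipients)
    if rejected:
        raise ValueError("recipients outside %s not permitted: %s"
                         % (KDOR_DOMAIN, ", ".join(rejected)))
    return {"to": allowed, "subject": subject, "body": body}


if __name__ == "__main__":
    for addr in ["jdoe@kdor.state.ks.us", "kdor.state.ks.us@evil.com",
                 "x@kdor.state.ks.us.evil.com"]:
        print(addr, "naive:", naive_is_kdor_address(addr), "proper:", is_kdor_address(addr))
```

The two crafted addresses in the `__main__` block pass the substring test and fail the domain test; that difference is the whole point of parsing the address before comparing.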
Internal Users – Composing a Secure Email Using Secure Messenger to an External Customer
• Compose a new email in Lotus Notes.
• In the subject, enter the string #secure#.
• When the email is sent through Secure Messenger, the #secure# string is stripped from the subject and the subject is prefixed with “This is a Secure Message from KDOR”.
• Note: the internal user may type other text (i.e. the subject matter of the email) before or after #secure# in the subject line.
• Secure Messenger is only to be used to send emails that contain PII (Personally Identifiable Information). Do not use Secure Messenger for normal, non-secure email.
• #secure# will only work when sending secure, outbound mail. Internal users do not need to add #secure# to internal email, as all internal email is already secure.
Tumbleweed Mail Policies
The following slides describe the mail rules in place at KDOR and what action each rule takes. KDOR has 3 active policies that are used to log event information about outbound emails sent with PII (Personally Identifiable Information):
KDOR Policy Events
KDOR: SM-SSN Subject Block
  Catch messages where… the entire message contains words in the list ‘SM: SSN Subject Block’
  Take the following actions… deliver normally and log the event ‘SM: SSN Subject Alerts’
KDOR: SM-License
  Catch messages where… the message text contains words in the list ‘SM: License’
  Take the following actions… deliver normally and log the event ‘SM: Drivers License’
KDOR: SM-FEIN
  Catch messages where… the entire message contains words in the list ‘SM: Taxation Group’
  Take the following actions… deliver normally and log the event ‘SM: FEIN Messages’
KDOR: Encrypt Subject Trigger
  Catch messages where… the subject text contains #secure# (the tag internal users add, as described in the internal user instructions)
  Take the following actions… encrypt and deliver the message via Secure Messenger using the ‘SecureMail’ delivery profile; prepend ‘This is a Secure Message from KDOR’ to the subject text and remove #secure# from the subject text
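To make the interaction of these four rules concrete, here is an added Python model of the outbound policy evaluation; it also covers the #secure# procedure from the internal user instructions. It is not Tumbleweed's policy engine or KDOR's configuration. Assumptions: the word lists are replaced by regular expressions (the SSN and FEIN formats are the usual ones, the driver's license pattern is a made-up placeholder), the #secure# tag is matched case-insensitively, the prepended notice is separated from the remaining subject by ": ", the event IDs 504/505/507 are the ones the reporting slides name, and a `quarantine_on_pii` switch stands in for the quarantine-for-review configuration described later in the deck.

```python
# Added example (not Tumbleweed's policy engine or KDOR's configuration): a
# Python model of the four outbound rules and the #secure# procedure.
# Assumptions: regexes stand in for the word lists (the DL pattern is a
# placeholder, not a real Kansas format); #secure# is matched case-insensitively;
# the prepended notice is joined with ": "; event IDs 504/505/507 come from the
# reporting slides; quarantine mode stands in for the review step in the deck.
import re
from dataclasses import dataclass, field
from typing import List, Tuple

SECURE_TAG = "#secure#"
SECURE_PREFIX = "This is a Secure Message from KDOR"
INTERNAL_DOMAIN = "kdor.state.ks.us"

# event id -> (logged event name, scope, detector)
# scope "entire" = subject + body (SSN, FEIN rules); "text" = body only (License rule)
DETECTORS = {
    504: ("SM: SSN Subject Alerts", "entire", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    505: ("SM: FEIN Messages", "entire", re.compile(r"\b\d{2}-\d{7}\b")),
    507: ("SM: Drivers License", "text", re.compile(r"\bK\d{2}-\d{2}-\d{4}\b")),  # placeholder
}


@dataclass
class Message:
    sender: str
    recipients: List[str]
    subject: str
    body: str


@dataclass
class Disposition:
    route: str                      # "normal", "secure_messenger" or "quarantine"
    subject: str                    # subject as it will leave the gateway
    events: List[Tuple[int, str]] = field(default_factory=list)


def is_outbound(msg: Message) -> bool:
    """Outbound means at least one recipient is outside the agency domain."""
    return any(not r.lower().endswith("@" + INTERNAL_DOMAIN) for r in msg.recipients)


def apply_policies(msg: Message, quarantine_on_pii: bool = False) -> Disposition:
    if not is_outbound(msg):
        # #secure# has no effect on internal mail; the subject is left untouched
        return Disposition("normal", msg.subject)

    # Logging policies: record one event per matching rule, delivery unaffected
    events = []
    for event_id, (name, scope, pattern) in DETECTORS.items():
        haystack = msg.subject + "\n" + msg.body if scope == "entire" else msg.body
        if pattern.search(haystack):
            events.append((event_id, name))

    # Encrypt Subject Trigger: strip the tag, prepend the notice, route via Secure Messenger
    subject = msg.subject
    if SECURE_TAG in subject.lower():
        remainder = re.sub(re.escape(SECURE_TAG), "", subject, flags=re.IGNORECASE)
        remainder = re.sub(r"\s{2,}", " ", remainder).strip()
        subject = SECURE_PREFIX + (": " + remainder if remainder else "")
        return Disposition("secure_messenger", subject, events)

    # PII detected but the sender did not tag the message: log only, or hold for review
    if events and quarantine_on_pii:
        return Disposition("quarantine", subject, events)
    return Disposition("normal", subject, events)


if __name__ == "__main__":
    # Constructed sample message: an SSN in the body and the tag in the subject
    msg = Message("clerk@kdor.state.ks.us", ["taxpayer@example.com"],
                  "Your refund #secure#", "SSN 123-45-6789 on file")
    print(apply_policies(msg))
    print(apply_policies(Message("clerk@kdor.state.ks.us", ["biz@example.com"],
                                 "Account question", "FEIN 12-3456789"),
                         quarantine_on_pii=True))
```

The model makes two properties of the real configuration visible: the three PII rules only log, so an untagged message with an SSN still leaves the agency in clear text unless the quarantine switch is on, and the #secure# tag is ignored entirely on internal mail.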
Policy Word Lists
KDOR has created 3 word lists that are used with its Tumbleweed mail policies. These word lists look for Social Security Numbers, Federal Employer Identification Numbers, and Drivers License Numbers. The names of the word lists are:
• SM: License Words
• SM: Taxation Group
Tumbleweed Usage Reports
KDOR uses Tumbleweed reporting to monitor which emails are routed through Tumbleweed with PII (Personally Identifiable Information).
The following reports show message details of the policy events which were set up in Tumbleweed to monitor PII traffic:
• SM Event Usage (SSN-w/event detail)
• SM Event Usage (FEIN-w/event detail)
• SM Event Usage (DL#-w/event detail)
These reports are custom reports created specifically for KDOR using Crystal Reports.
Reports
All of the reports but the Message Volume and Size Report were created using Crystal Reports.
• SM Event Usage (7 days) – Displays a summary of how many messages have Secure Messenger policy events
• SM Event Usage (w/event detail) – Displays the message details of the SM Event Usage report summary
• SM Event Usage (SSN-w/event detail) – Displays the message details of event ID 504, emails with Social Security Numbers
• SM Event Usage (FEIN-w/event detail) – Displays the message details of event ID 505, emails with Federal Employer Identification Numbers
• SM Event Usage (DL#-w/event detail) – Displays the message details of event ID 507, emails with Drivers License Numbers
• SM Event Usage (Securely Sent Mail) – Displays the message details of emails sent through Secure Messenger
• Secure Messenger Users and Directory Location – Displays the list of users with Secure Messenger accounts and the directory path the accounts are in
• Message Volume and Size Report – Displays the total count of messages that
SM Event Usage (7 days) (Created using Crystal Reports)
Event Report w/Details
Event Report w/Details: FEIN-Federal Employer Identification Number (Created using Crystal Reports)
Event Report w/Details
Monitor Policy Event Reporting Metrics
• Your report results will tell you which emails contain the information that would route mail through Secure Messenger.
• Break out reports and events so that you have separate inbound and outbound reports (outbound email with sensitive information is the first concern).
• Review report results to make sure the policy you will be enabling is detecting the proper information within emails.
• You can watch email traffic through these reports without quarantining or implementing the policies.
• Learn from the reporting for several reporting periods prior to attempting to block traffic automatically (false positives).
Enabling an Existing Policy to Route Mail Through
Making Secure Messenger Documentation Easily Accessible to External Users
Implementation Strategy:
• Put a copy of the external user documentation on the KDOR public web site.
• Modify the Secure Messenger notification page located on the Secure Messenger server.
• Add a web link to the secure mail notification page. The web link will direct the external user to where the Secure Messenger documentation is stored on KDOR’s public web site.
  – This secure mail notification is what external users will receive when a secure email is sent to them.
Recognizing the Global Effect of Changing a Policy To Route Mail Through Secure Messenger
When changing an existing policy from routing mail normally to routing through Secure Messenger, it is important to recognize possible negative results:
• When a policy is set to route mail through Secure Messenger, every external recipient of a policy-caught email will receive a Secure Messenger notification, whether or not the email really contained PII.
• Be sure that false-positives are at a very minimal level before enabling a policy to automatically route mail through Secure Messenger.
• False-positives can lead to embarrassment for the agency and customer frustration.
Recognizing the Global Effect of Changing a Policy To Route Mail Through Secure Messenger (cont)
False-Positives
Prevention of false-positives (a false-positive in this context is an email that is flagged by a policy as containing PII but in actuality does not):
• Enable a Tumbleweed Secure Messenger policy to quarantine flagged emails instead of routing them normally, before switching it to send through Secure Messenger.
• This will allow emails to be manually reviewed and recognized as false-positives.
  – If an outbound, quarantined email is found to be a legitimate email that should have been routed through Secure Messenger, the Tumbleweed Administrator will contact the KDOR sender and ask them to resend the email with #secure# in the subject.
  – Any false-positives can be released to the intended recipient, returned to the sender, or deleted.
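The two slides above (monitoring the event reports before enabling routing, and reviewing quarantined mail to measure false-positives) describe a measurement-then-enable procedure. The following is an added Python model of that procedure; it is not KDOR's Crystal Reports or Tumbleweed's reporting. It produces the 7-day event summary split by direction, computes a per-rule false-positive rate from reviewed outbound events, and gates the switch to Secure Messenger routing on that rate. Assumptions: the log line format, the review-outcome column, the 2% rate threshold and the minimum of 50 reviewed events are all made up for the example, and the sample log is constructed; event IDs 504/505/507 are the ones the reports slide names.

```python
# Added example (not KDOR's Crystal Reports or Tumbleweed reporting): summarise
# Secure Messenger policy events from a constructed log and decide whether a
# rule's outbound false-positive rate is low enough to move it from "deliver
# normally and log" to Secure Messenger routing. Assumptions: log format, review
# column, 2% threshold and 50-event minimum are invented; IDs 504/505/507 are
# the event IDs named in the reports slide.
from collections import Counter
from datetime import date, timedelta

EVENT_NAMES = {504: "SSN", 505: "FEIN", 507: "DL#"}

# Constructed sample log, one event per line: date,event_id,direction,review
# review is "tp" (reviewed, PII confirmed), "fp" (reviewed, no PII) or empty (not reviewed)
CONSTRUCTED_LOG = (
    ["2008-03-%02d,504,outbound,tp" % (d % 28 + 1) for d in range(57)]
    + ["2008-03-05,504,outbound,fp", "2008-03-20,504,outbound,"]
    + ["2008-03-%02d,504,inbound,tp" % (d % 28 + 1) for d in range(9)]
    + ["2008-03-%02d,507,outbound,tp" % (d % 28 + 1) for d in range(14)]
    + ["2008-03-%02d,507,outbound,fp" % (d % 28 + 1) for d in range(6)]
    + ["2008-03-25,505,outbound,tp", "2008-03-26,505,outbound,"]
)


def parse_log(lines):
    records = []
    for line in lines:
        day, event_id, direction, review = line.strip().split(",")
        records.append({"date": date.fromisoformat(day), "event_id": int(event_id),
                        "direction": direction, "review": review or None})
    return records


def event_usage(records, today, days=7):
    """Counts per (direction, event_id) over the `days` calendar days ending on `today` (ISO string)."""
    end = date.fromisoformat(today)
    start = end - timedelta(days=days - 1)
    counts = Counter()
    for r in records:
        if start <= r["date"] <= end:
            counts[(r["direction"], r["event_id"])] += 1
    return counts


def false_positive_rate(records, event_id, direction="outbound"):
    """Share of reviewed events for a rule that turned out not to contain PII; None if none reviewed."""
    reviewed = [r for r in records
                if r["event_id"] == event_id and r["direction"] == direction and r["review"]]
    if not reviewed:
        return None
    return sum(1 for r in reviewed if r["review"] == "fp") / len(reviewed)


def readiness(records, event_id, max_fp_rate=0.02, min_reviewed=50):
    """Gate for enabling Secure Messenger routing on a rule: enough reviewed
    outbound events, and a false-positive rate at or under the threshold."""
    reviewed = sum(1 for r in records
                   if r["event_id"] == event_id and r["direction"] == "outbound" and r["review"])
    rate = false_positive_rate(records, event_id)
    if reviewed < min_reviewed:
        reason = "only %d reviewed outbound events, need %d" % (reviewed, min_reviewed)
        return {"ready": False, "reviewed": reviewed, "fp_rate": rate, "reason": reason}
    if rate > max_fp_rate:
        reason = "false-positive rate %.1f%% exceeds %.1f%%" % (rate * 100, max_fp_rate * 100)
        return {"ready": False, "reviewed": reviewed, "fp_rate": rate, "reason": reason}
    return {"ready": True, "reviewed": reviewed, "fp_rate": rate, "reason": "ok"}


def usage_report(records, today):
    """Text rendering of the 7-day summary, split inbound/outbound as the slide recommends."""
    usage = event_usage(records, today)
    lines = ["SM Event Usage (7 days ending %s)" % today]
    for direction in ("outbound", "inbound"):
        for event_id, name in EVENT_NAMES.items():
            lines.append("%-8s %-4s %3d" % (direction, name, usage[(direction, event_id)]))
    return "\n".join(lines)


if __name__ == "__main__":
    recs = parse_log(CONSTRUCTED_LOG)
    print(usage_report(recs, "2008-03-28"))
    for event_id, name in EVENT_NAMES.items():
        print(name, readiness(recs, event_id))
```

With the constructed log the SSN rule passes the gate (58 reviewed outbound events, one false-positive), the DL# rule fails on rate and on sample size, and the FEIN rule has too little reviewed traffic to judge; that is the "learn through the reporting for several periods" decision expressed as data.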
Archive Internal Secure Messages to CERA
Lessons Learned
• Monitor policy event reporting metrics before turning on Secure Messenger routing
• Understand the global effect of an enabled Secure Messenger policy
• External Secure Messenger users need agency documentation
• Archive internal secure messages to CERA
• Start with small, diverse messaging groups
• Separate internal reporting between outbound and inbound messaging traffic
ANY QUESTIONS?