ZixCorp provides easy-to-use email encryption services for privacy and regulatory compliance. As
the largest email encryption services provider, ZixCorp protects tens of millions of members in our
ZixDirectory
®, and approximately 100,000 new members are being added every week. ZixCorp
The Importance of Email
Easy, secure communication is a valuable asset. Sensitive information is circulating on a day-to-day basis to customers and patients, third-party organizations and business associates, strategic partners and regulators. One communication tool emerges above the rest when exchanging sensitive personal information – encrypted email.
The Radicati Group estimated business users sent 41 email messages and received 100 email messages per day in 20111. Further demonstrating the
importance of email, Osterman Research found email has become a popular file-transfer method, estimating 20-25 percent of all email messages contain attachments2. With the convenience of email as a communication and
file-transfer method, it’s easy for users to be unfamiliar with the risks; however, IT security and compliance professionals cannot afford to overlook the vulnerabilities associated with this essential business tool.
Employee Behavior Risks
Companies can implement policies and offer employee training to prevent employees from leaking sensitive information, but a Ponemon Institute study3
found this method to be insufficient. Of respondents surveyed:
• 59 percent believe insecure email by employees is one of the main sources of data leaks in their organizations
• 69 percent believe employees ignore policies about emailing unencrypted sensitive or confidential documents through insecure channels
• 61 percent believe employees send unencrypted confidential information through insecure email channels, such as personal Web-based email
69 percent believe employees ignore policies about emailing unencrypted sensitive or confidential documents
through insecure channels.
61 percent believe employees send unencrypted confidential information through insecure email
channels, such as personal Web-based email. 59 percent believe insecure email
by employees is one of the main sources of data leaks in their
organizations. No 41% Yes 59% 31%No Yes 69% 39%No Yes 61%
1 “Survey: Corporate Email, 2011-2012” by The Radicati Group, September 2011.
http://www.radicati.com/wp/wp-content/uploads/2011/09/Survey-Corporate-Email-2011-2012-Executive-Summary.pdf 2 “Educating Decision Makers about the Need for Encryption” by Osterman Research, August 2010.
http://zixcorp.com/documents/white-papers/OR-Educating_Decision_Makers_About_the_Need_for_Encryption.pdf 3 “The State of Email Encryption” by Ponemon Institute, September 2011.
Mobility Concerns
Business is no longer conducted behind a desk. Mobile phones have expanded the workplace and work hours, and more users spend time on email than any other internet-enabled activity. According to a study4 conducted by The Nielsen Company,
users spend an average of 42 percent of their mobile time using email. With increasing dependence on mobile devices for access to data whenever, wherever, mobile email is a major threat. Of respondents in a Ponemon Institute study3, 70
percent stated concern about the loss of information via email on mobile devices.
Government Regulations
Securing sensitive information in email isn’t just a best practice — it’s often the law. HIPAA, HITECH, GLBA, SOX, state data security laws and guidance from FFIEC agencies make it clear that protecting sensitive information is no longer optional. Organizations in healthcare, financial services and government face a heavy burden, and as a result of expanding federal laws and state data security laws, many organizations beyond these three industries are beginning to feel the stress as well.
Despite the challenges of government regulations, employee behavior and mobility, email is a necessary tool that can be conveniently secured with next generation email encryption.
The Leader in Email Encryption Services
ZixCorp has built a trusted reputation with the nation’s most influential institutions through our easy-to-implement, -use and -maintain solutions. ZixCorp Email Encryption Services are based on Software-as-a-Service (SaaS) architecture, and ZixCorp distinguishes itself with convenient delivery methods that focus on both the sender and receiver experience.
Our solutions integrate seamlessly with existing email applications, and encryption keys are managed automatically. The most complicated and costly aspect of email encryption is key management. To eliminate the customers’ need to build their own directory of encryption keys, ZixCorp has developed the world’s largest, shared repository for automatic key exchange — ZixDirectory®.
ZixDirectory includes tens of millions of members and increases at
approximately 100,000 members per week. Its automated key management reduces the typical cost and complexity associated with email encryption solutions and saves wasted hours spent setting up and exchanging keys. The ZixDirectory also safeguards against expired keys and certificates by providing centralized distribution among all members.
3 “The State of Email Encryption” by Ponemon Institute, September 2011.
http://survey.zixcorp.com
4 “How Americans Spend Mobile Internet Time: A New Look” by The Nielsen Company, May 2010.
The Industry’s Only Fully Transparent Email Encryption
ZixCorp provides the industry’s only fully transparent delivery by leveraging ZixDirectory with ZixGateway®. When a ZixGateway customer sends encryptedemail to another ZixGateway customer, the message is sent transparently. With transparent delivery, users send and receive encrypted email as they would conventional email. Workflow is not interrupted, and no extra steps are required. On average, more than one third of our customers’ recipients receive their encrypted email messages transparently, so that not even a password is needed. ZixGateway is a policy-based email encryption service that automatically scans and encrypts outbound email if sensitive information is included within the subject line, body or attachments. Through automatic encryption, employees are alleviated of security burdens, and companies can ensure customer protection and regulatory compliance.
In addition, ZixGateway offers superior TLS that features simplified configuration; secure, bidirectional transparency through S/MIME delivery; increased control with policy management; increased visibility and compliance with report capabilities; and unique branding embedded at the end of the message that provides your recipients with added confidence. None of these features are available in competing TLS solutions.
As an alternative to ZixGateway, companies can offer employees the option to encrypt through ZixMail®. This desktop solution provides employees the
choice to secure email with the convenience of a single click. Whether email is encrypted through ZixMail or ZixGateway, ZixCorp uses encryption standards, such as S/MIME, OpenPGP and TLS, to deliver secure email to anyone, anywhere.
Encrypt and Send to Anyone
No matter the recipient’s email encryption capabilities, ZixCorp Email Encryption Services deliver encrypted messages to anyone using the manner that works best for the end-user through our Best Method of DeliverySM. For users without email
encryption, ZixCorp provides two different methods, including a secure portal, or “pull,” method and a direct delivery, or “push,” method.
Features
■ FIPS 140-2 solutions
■ Hosted key management
■ Customizable policy engines for regulatory compliance
■ Centralized policy management
■ Custom branding
■ Flexible delivery options
Benefits
■ Instant secure connection to regulators and partners
■ Low fixed total cost of ownership
■ Guaranteed service levels
■ Transparent, send-to-anyone capability
■ Seamless integration with your existing network
ZixCorp Email Encryption Services
ZixCorp Email Encryption Services have several optional components to meet the needs of any organization. Customers have the choice of a fully hosted solution or an appliance in their facility.
ZixGateway® is a policy-based email encryption gateway for privacy
and compliance. Installed at the periphery of your network, ZixGateway automatically scans for sensitive information based on defined corporate policies. If sensitive information is found, it can be either blocked or sent encrypted. Policy-based encryption means the process is transparent to your users. ZixGateway supports a variety of delivery options including industry standards such as S/MIME and OpenPGP. ZixGateway also offers superior TLS delivery, unlike any competitive solutions.
ZixMail® is a desktop application that integrates with any corporate or
Web-based email system and provides email encryption and decryption with the convenience of a single click.
ZixPort® uses clientless “pull” technology that sends encrypted email through a
secure Web portal. It is ideal for companies that want to extend their brand by including secure email communications as part of their portal experience. ZixPort offers a unique mobile-friendly feature, ZixMobility™, which allows recipients to access encrypted email with one convenient click. ZixMobility skips the cumbersome steps, distorted layouts and frustration of other solutions to provide simple email encryption to anyone, anywhere and on any mobile device.
Who Uses ZixCorp Email Encryption Services?
■ Federal banking regulators, including FFIEC
■ The Securities and Exchange Commission
■ More than 1,600 financial institutions
■ More than 30 Blue Cross Blue Shield organizations
■ Nearly one in five, or 1,200, U.S. hospitals Sender’s Premise ZixDirectory (Key Lookup) Sender Mail Server ZixMail ZixGateway ZixPort/ZixMessage Center (Pull) ZixDirect (Push) TLS Mail Server ZixGateway (Policy Engine) ZixCorp Customers
Zix Corporation 2711 N. Haskell Ave. Suite 2300, LB 36 Dallas, TX 75204 866 257 4949 [email protected] www.zixcorp.com ZixData CenterTM
ZixCorp Email Encryption Services are managed through the ZixData Center, a SysTrust certified, SAS-70 Type II accredited and PCI Level 1, DSS v2.0 compliant facility. The ZixData Center offers redundant power sources, storage units and security measures, and it has proven 99.99 percent reliability.
About Zix Corporation
Zix Corporation (ZixCorp) provides the only email encryption services designed with your most important relationships in mind. The most influential companies and government organizations use the proven ZixCorp® Email Encryption Services, including WellPoint, the SEC and more than 1,200 hospitals and 1,600 financial institutions. ZixCorp Email Encryption Services are powered by ZixDirectory®, the largest email encryption community in the world. The tens of millions of ZixDirectory members can feel secure knowing their most important relationships are protected. For more information about ZixCorp, call 866.257.4949,
email [email protected]
or visit www.zixcorp.com.
ZixDirect™ uses clientless “push” technology that sends encrypted messages
directly to the recipient’s inbox. It is ideal for sending email securely to customers or business partners that do not have email encryption capabilities.
ZixAccess™ automatically decrypts inbound email from ZixCorp users and
provides transparent communication, eliminating the need to click on a link or attachment and enter a password. ZixAccess significantly lightens the workload inherent in discovery and improves archiving of important email messages. ZixAccess also features the capability to automatically scan all outbound email and report all outbound risks to your security or compliance officer.
ZixEnableSM is application-generated email encryption that enables businesses
to secure the delivery of large-scale email communication containing personal private information. ZixEnable can be used to distribute personalized marketing campaigns, financial and health statements or other sensitive communication that businesses want to deliver in a timely and secure manner.
ZixGateway® Inbound automatically scans inbound email for unsecure
sensitive information, proactively identifying potential vulnerabilities. When vulnerabilities are identified, both the external sender and the appropriate internal security or compliance officer can be automatically notified. In addition, ZixGateway Inbound provides reports that log the details of inbound vulnerabilities.
ZixConnectSM allows customers to securely communicate with their regulators
and partners without the need for additional hardware or software at their facility. With just one secure TLS connection, customers are instantly connected to the ZixCorp email encryption network.
ZixAuditor® is a comprehensive email assessment service that enables
organizations to identify email vulnerabilities, implement more effective policies and procedures, and monitor ongoing communications to ensure compliance.
