Managed Services   >   SMG

Secure Mail Gateway

KeyTrust SecureMail is delivered as a completely managed secure email service. It removes the technical and commercial hurdles associated with maintaining an in-house secure email system. SecureMail uses IBE, which is a new form of widely accepted cryptography that removes the hurdles associated with the more complicated Public Key Infrastructure (PKI).

Instead of relying on traditional PKI, SecureMail enables users to simply utilise the recipient's email address to securely send and receive messages. SecureMail is easy to implement, requiring no complicated infrastructure build out, and more importantly, it's easy for the user community to operate, ensuring that the service can be counted upon to protect critical organisation data assets.

SecureMail uses KeyTrust TrustID for authentication and authorisation, which provides the broadest range of options, such as hardware two-factor authentication and LDAP X.509 directory integration. The following messaging specific identity methodologies are also supported by TrustID:

  • POP3 Authentication
  • MS Exchange 5.5 / 2003 with Windows Domain Authentication
  • Self-Provisioning Email Answer Back

Features & benefits of using Secure Mail Gateway in your company


Benefits to your business

Helps manage compliance with security and privacy requirements.

No up-front capital investment is required.

Achieves low operational impact by eliminating the need for internal IT management resources.

Generates keys on the fly, eliminating the need for complex key and certificate management, such as is found in Public Key Infrastructure (PKI) alternatives.

There is no requirement to store private keys, which simplifies retention, disaster and backup.

Secures email at anytime and anywhere in the world.

Supports full online (in-house or roaming) and offline usage.

Encrypted email messages can be sent to anyone on the Internet or other accessible TCP/IP networks.

Recipients may decrypt and read email without installing special client software.

Recipients are able to access their secure messages after self-provisioning and do not need to be pre-enrolled.

Users can send secure email on-the-fly.

Integrates with the leading email client interfaces.

Secure Mail features

Transparent to existing email servers.

Secure emails are delivered directly to the recipient using existing organisation email infrastructure.

Uses Identity-Based Encryption (IBE) an encryption technology that uses a common ID for the public key.

Messages are never stored within the service.

Provides strong automated encryption.

Secures ad hoc and automated email communication.

Roaming users can continue to send and receive secure emails.

Uses Transport Layer Security (TLS) a protocol that ensures privacy while messages are in transit.

Directly supports popular email clients, such as MS Outlook & Lotus Notes or alternate Web browser client: Zero Download Manager (ZDM).

Recipient can decrypt and view their secure email even when offline, such as on an airplane, using the transparent roaming feature.

Centralised Management

SecureMail clients are centrally managed and configured through the SecureMail service. Administrators can define and control key caching configuration, password requirements (and authentication methods), and other settings from a web-based console.

Every Message has a Digital Signature

To protect against spoofing and to verify the sender, each message sent using SecureMail incorporates a digital signature that identifies the sender of the email Any message with an invalid digital signature is automatically flagged by the service.


Mobile Messaging Options

KeyTrust SecureMail has options to support Blackberry and Microsoft Windows Mobile Pocket PC portable devices. Through SecureMail, BlackBerry and Pocket PC users can send and receive secure messages.

How does it work?


The SecureMail encryption process places a minimum impact on the sender when using the Zero Download Manager (ZDM). All that is required when ZDM users wish to send a secure email is for them to incorporate the word secure within their email message header. When a message is encrypted, a private key for the recipient is created and is made available to the recipient when they decrypt the message. When a SecureMail email message is sent via ZDM, it travels over networks through a Transport Layer Security (TLS)-encrypted tunnel, and is automatically encrypted at the KeyTrust SecureMail Gateway. Upon receiving a SecureMail encrypted email the recipient completes an easy authentication process via replying to an email to verify their identity. After completing the authentication process, the recipient de-crypts and views the message using ZDM. ZDM provides a client-less, browser-based method that enables a recipient to decrypt and read messages and their associated attachments.

When a user receives a ZDM email, the entire encrypted message is in their inbox. They can open email at anytime and they do not have to rely on the availability of online archives. This means that with a private key downloaded on to their laptop, a recipient can decrypt and view their secure email even when offline, such as on an airplane, using the transparent roaming feature. New messages can also be secured when offline. In addition to improving usability, this offline capability significantly enhances scalability because users do not have to access a SecureMail or email server (such as MS Exchange) to encrypt or decrypt messages. Recipients are also able to send fully secure emails through the same interface.

Receiving Secure Email

SecureMail does not require prior enrolment of users to recipients to receive secure email. Even if the recipient has never previously communicated with the sender or has never used SecureMail, they are still able to receive SecureMail from the sender. The first time the receiver gets a SecureMail, they are presented with instructions in the email header and an option to download one of the SecureMail client interface agents or to use the Zero Download Manager (ZDM). At this point, the user authenticates to the SecureMail service. All messages will be decrypted automatically as the recipient clicks on them.

Sending Secure Email

Sending secure email is easy when using any of the SecureMail email agents that add secure mail functionality to popular email clients. Users compose their message in their standard email client, add the recipient address and press the (Secure Send) button. The email is then encrypted along with any attachments and sent to the recipient with a digital signature incorporated.

Interested in getting a tailored quote for this service?

We understand that different sized companies use applications on a variety of scales, which we create tailor made quotes to fit your business. This ensures fair plans that do not cost an arm and a leg. If you are interested in getting a quote for this service please send us an email or give us a ring.


TELEPHONE: (03) 9629 3800 or  SEND US AN EMAIL

© 2016 Copyright KeyTrust: All rights reserved.