How does S/MIME encryption work?
When encrypting content such as personal data, S/MIME is most commonly used. S/MIME is a standard in email encryption and is based on the use of X.509 certificates. Since S/MIME is an asymmetric encryption method, both public and private keys are used. The sender must be in possession of both his private key and the recipient’s public key.
Before you can use S/MIME encryption, you must create a root certificate that all your communication partners must import into their respective systems. Only then can the key exchange be performed. It is easier if you acquire an email certificate issued by an official certificate authority (CA).
What certificate types are there?
Email encryption does not have to be complicated
Anyone who wants to use email encryption with S/MIME wants to have as little hassle as possible with acquiring, distributing and managing S/MIME certificates. The goal is to automatically encrypt all emails sent through a given corporate domain. Therefore, the requirements described above discourage some companies from taking care of the important issue of email encryption. It is precisely for these companies that we have developed Managed Certificates, which is now available in NoSpamProxy Cloud.
Managed Certificates: Email encryption and certificate management don’t get any simpler than this
With Managed Certificates, you can automatically acquire, distribute and manage S/MIME certificates, including certificate renewal. The basis for Managed Certificates is the connection to an Active Directory group, which enables the automated creation and renewal of email certificates. This connection allows you to minimize the effort required for organization-wide email encryption and centralize all the necessary building blocks. But that’s not all: NoSpamProxy Cloud and Managed Certificates are the first provider worldwide to support the S/MIME standard 4. There is no other way to set the course for a secure future for your company.
Even more benefits with NoSpamProxy Cloud and Managed Certificates
CxO Fraud Detection for Groups
CxO Fraud Detection in NoSpamProxy Cloud allows to detect attacks where the attackers pose as supervisors or other decision makers of a company. In this way, the criminals aim to get unsuspecting people to transfer money to their account.
In addition to rigorous evaluation of sender reputation based on SPF, DKIM and DMARC, CxO fraud detection compares the sender name from ‘Header-From’ and ‘MAIL FROM’ in inbound emails with the names of corporate users.
Configure content filtering based on groups
The content filter in NoSpamProxy Cloud fends off dangerous attachments unerringly. With the December update, it is now possible to configure this setting individually for individual Active Directory groups. In this case, too, you simply need to perform a few clicks during the configuration of the Automatic User Import via Azure Active Directory.
Exchange email certificates automatically via Open Keys
Certificates of recipients are automatically retrieved from Open Keys with the automated certificate management by Managed Certificates and can be used immediately for email encryption. The cumbersome exchange of email certificates is automated. It couldn’t be simpler.
Cost-effective and scalable email certificate management
In addition, Managed Certificates has a very attractive cost structure, which could not be realized with previous solutions: In the most expensive scale, the price per certificate and month is only 1 Euro. For this price you receive qualified S/MIME certificates from a recognized, international trust center. Managed Certificates is an option NoSpamProxy Cloud Encryption, which you can book from 2 Euros per user and month.
How does automated certificate management work with Managed Certificates?
Using Managed Certificates for automated certificate management is simple:
- Enter the appropriate TXT record in your Domain Name System (DNS).
- Add the users to the appropriate Active Directory group.
- Wait for synchronization.
From here on, NoSpamProxy Cloud takes care of certificate management: renewing existing email certificates and requesting certificates for new users. You only need to worry about maintaining your Azure AD.
Not yet using NoSpamProxy?
With NoSpamProxy you reliably protect your company against cyber attacks. Request your free trial version now!