Buyer's Guide

Browse Sections

The business case for email encryption products
- The business case for email encryption software
Criteria to consider when purchasing email security products
- How to procure email encryption software
What are best email encryption products?
- Comparing the best email encryption software products
A glance at the top email encryption products

BACKGROUND IMAGE: iSTOCK/GETTY IMAGES

This content is part of the Buyer's Guide: The best email encryption products: A comprehensive buyer's guide

Evaluate

Proofpoint Email Encryption: Product overview

Expert contributor Karen Scarfone examines Proofpoint Email Encryption products, which come with data loss prevention capability and a Secure Share add-on for secure file sharing.

Karen Scarfone, Scarfone Cybersecurity

The Proofpoint Email Encryption product provides enterprise-level email encryption functionality. This includes automatically encrypting sensitive outbound email through a policy-based gateway and enabling the secure transfer of large files via email messages through the Secure Share add-on.

Product editions

The Proofpoint Email Encryption product only comes in a single edition. It is part of a larger solution, the Proofpoint Enterprise Privacy product. The main feature of this product, besides the Email Encryption component, is a Data Loss Prevention (DLP) capability. It is commonplace for DLP and email encryption technologies to work hand-in-hand because the DLP can detect potential policy violations involving email-transmitted data, and the email encryption technology can encrypt or block affected email, thus safeguarding their data from interception.

There is an additional add-on for Proofpoint Enterprise Privacy known as Proofpoint Secure Share. The purpose of Secure Share is to enable the secure sharing of large files containing sensitive information via email encryption. So Secure Share works hand-in-hand with the Email Encryption product.

Platform Support

Proofpoint Enterprise Privacy with Proofpoint Email Encryption is available as a local enterprise-deployed capability, such as a virtual appliance, or as a cloud-based service. The Proofpoint Secure Share add-on is available as a cloud-based offering only.

Encryption support

The Proofpoint Secure Share add-on is available as a cloud-based offering only.

Proofpoint Enterprise Privacy's encryption algorithm is the Advanced Encryption Standard (AES) algorithm, with encryption key length of 256 bits. Use of the AES algorithm and 256-bit AES keys is widely considered a sound practice and should provide strong security against both current and future threats.

Proofpoint has several Federal Information Processing Standard (FIPS) compliance certificates for its cryptographic libraries. This means Proofpoint has had an accredited third party do validation testing on its products' cryptographic capabilities to ensure they meet minimum standards. However, because these compliance certificates do not specify the exact products they correspond to, prospective customers should check with Proofpoint to ensure the products they are evaluating are covered by one of the FIPS compliance certificates.

File encryption support

As mentioned above, the Proofpoint Secure Share add-on can support the ability to transfer large files via email. This can take the place of File Transfer Protocol (FTP) usage and other alternative file transfer mechanisms, potentially providing a more usable and secure file transfer capability.

Licensing

There is limited licensing information publicly available for Proofpoint Enterprise Privacy. However, as already mentioned, it is available both in a local instantiation, or virtual appliance, and a cloud-based service. The Email Encryption product and the Secure Share product are both separately available through their own licensing arrangements.

Free trials of many Proofpoint products are available. The Email Encryption and Secure Share products are available as part of the Proofpoint Enterprise Privacy product trial.

Conclusion

Proofpoint Email Encryption is an add-on to the Proofpoint Enterprise Privacy product that provides email encryption for the enterprise. The Proofpoint Secure Share add-on enables the secure transfer of large files via email encryption. Together, these solutions are a great way to implement email encryption capabilities for organizations already running the Proofpoint Enterprise Privacy product or organizations that would benefit from acquiring it and leveraging its DLP capabilities.

The Proofpoint products do not require a particular email server or client type because they run separately as a virtual appliance or a cloud-based service.

Proofpoint Enterprise Privacy's encryption is state of the art, using AES with 256-bit keys. The status of FIPS compliance is not 100% clear, so make sure to check with Proofpoint on its products' FIPS compliance status during product evaluation. Licensing is a bit complex because the product is available as both an on-premises and cloud-based offering; again, check with Proofpoint for the latest information on how its products are licensed, depending on which solution is appropriate for your organization.

Next Steps

In part one of this series, learn about the basics of email encryption software in the enterprise

In part two of this series, take a look at email encryption software from a business perspective

In part three of this series, learn about the procurement process for email encryption software

Learn about how enterprise encryption is becoming more resistant to reverse engineering.

Check out our buyer's guide on email security gateways.

This was last published in April 2016

Dig Deeper on Data loss prevention technology

5 email security appliance comparison criteria to consider Identifying the best email security appliance on the market can be hard. This article discusses the criteria to consider when choosing one for your organization.

DUHK attack puts random number generators at risk News roundup: Researchers find DUHK attacks can get around encrypted communications. Plus, FBI Director Wray criticizes mobile device encryption, and more.

Proofpoint Email DLP: Product overview Expert Bill Hayes examines Proofpoint Email Data Loss Prevention, a specialized DLP product that's part of Proofpoint's cloud-based Information Protection suite.

CJIS Security Policy: How can companies ensure FIPS compliance? Companies and government agencies handling criminal justice information need to comply with CJIS Security Policy. Expert Michael Cobb explains the cryptographic modules to use.

Voltage SecureMail encryption tool: Product overview Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise.

Trend Micro Email Encryption: Product overview Expert contributor Karen Scarfone examines Trend Micro's suite of email encryption software products for securing email messages in the enterprise.

Karen Scarfone asks:

Why did your company choose ProofPoint email encryption?

Join the Discussion

Join the conversation

2 comments

Send me notifications when other members comment.

Oldest

[-]

KScarfone - 11 Apr 2016 11:12 AM

Why did your company choose ProofPoint email encryption?

thiessen - 12 Apr 2016 7:51 AM

To my mind, while I'm glad that efforts have been made lately to create end-to-end email encryption, no one seems to be addressing the question of how to give both parties in the email transaction an easy way to share public keys, and to make those keys trusted, without the user having to take manual steps toward that end. Does Proofpoint offer a solution in this regard?

Buyer's Guide

Proofpoint Email Encryption: Product overview