BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Trend Micro Email Encryption is a suite of products that provide enterprise-wide email encryption capabilities. The capabilities include automatic policy-based encryption of emails destined to both external and internal recipients, as well as user-selected encryption of any individual emails they are sending.
Trend Micro Email Encryption has three primary components:
- Data Privacy and Encryption Module. This gateway encryption component provides automatic policy-based encryption for the enterprise. This means the gateway scans email messages to look for content deemed sensitive by policy, such as credit card numbers, and encrypts such emails to prevent eavesdropping by unauthorized parties. This component is not available as a standalone capability; it is an option to add to the Trend Micro InterScan Messaging Security product.
- Email Encryption Client. The Email Encryption Client allows individual users to encrypt selected emails they are sending. Unlike the Data Privacy and Encryption Module product, which automates encryption, this product requires a user to manually indicate that a specific email should be encrypted, such as by selecting an encryption option before sending an email. Having this capability is invaluable for protecting messages that need their confidentiality preserved but will not be automatically encrypted by the policy-based Data Privacy and Encryption Module product.
- Hosted Email Encryption. This component is an optional module that adds onto the Trend Micro Hosted Email Security product. Together, the product and the module provide a fully hosted cloud-based solution that takes care of all email security functions for the organization. The Hosted Email Encryption module, along with the Hosted Email Security product, would be used as an alternative to the Data Privacy and Encryption Module and the Email Encryption Client products for organizations that do not want to host their own email security functionality.
The rest of this article will assume the use of the Data Privacy and Encryption Module and the Email Encryption Client products.
The Data Privacy and Encryption Module, run as part of the Trend Micro InterScan Messaging Security product, is compatible with any email server because it's run separately from the email server itself. It also has no client component, so there are no concerns about client platform support. The Trend Micro InterScan Messaging Security product can run on Windows and Linux systems.
The Email Encryption Client is only supported with Microsoft Outlook as an email client. If an organization wants to allow end users to control part or all of email encryption, all users who need encryption capabilities must either be using Microsoft Outlook already or be migrated to Microsoft Outlook.
The Trend Micro Email Encryption components use the Advanced Encryption Standard encryption algorithm with 256-bit keys. This is the state of the art when it comes to encryption algorithms and key length, so it should be suitable for use in virtually any enterprise.
Trend Micro's website and literature does not say whether or not its products are Federal Information Processing Standard (FIPS) compliant. FIPS compliance involves an accredited third-party laboratory running a suite of tests against the product to ensure it performs basic cryptographic functions properly. The current list of vendors and products on the FIPS website lists Trend Micro as having FIPS-compliant products, but it is not clear which Trend Micro products are applicable. Organizations evaluating the Trend Micro Email Encryption solution should ask Trend Micro about the current FIPS compliance status of its products.
The Data Privacy and Encryption Module and the Email Encryption Client are both licensed per user and made available as a license with one year of maintenance included. Additional years of maintenance can be purchased separately.
Free trials of all three Trend Micro Email Encryption components are available.
Trend Micro Email Encryption has three components, which collectively cover all the major email encryption situations that organizations may want to address. This article focuses on the enterprise-located solutions, the Data Privacy and Encryption Module and the Email Encryption Client, but many organizations, particularly smaller ones, may benefit from using the Hosted Email Encryption option instead of the enterprise-located components.
The Data Privacy and Encryption Module is email server-agnostic, but the Email Encryption Client is only available for Microsoft Outlook. It must be noted, however, that most products in this class only support Microsoft Outlook, so this is a common stance in email encryption. The encryption provided by the Trend Micro Email Encryption components is state of the art, but FIPS compliance status is unknown. Check with Trend Micro for the latest information on the FIPS compliance of its products to have stronger confidence in their proper functioning.
In part one of this series, learn about the basics of email encryption software in the enterprise
In part two of this series, take a look at email encryption software from a business perspective
In part three of this series, learn about the procurement process for email encryption software
Check out our buyer's guide on email security gateways