BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The Voltage SecureMail product provides email encryption capabilities for enterprises. For all editions of Voltage SecureMail, this includes automatic policy-based encryption for outbound emails; for some editions, this also includes user-selected email encryption, automatic encryption of email between internal users, and file encryption.
Voltage SecureMail comes in several editions, including the following:
- Essentials Edition. This edition, the most basic of the SecureMail products, offers two types of email encryption functionality. The first is policy-based encryption at the gateway for outbound emails (i.e., external recipients). The second also involves encryption at the gateway level; but in this case, it's triggered by a user manually selecting an encryption option in her Outlook email client.
- Standard Edition. Building on what the Essentials Edition offers, this edition adds the ability to encrypt email messages sent between internal users. It also offers encryption at the client level, not just the gateway level, so that email messages can be encrypted along the complete path from sender to recipient.
- Enterprise Edition. The Enterprise Edition has all the same capabilities as the Standard Edition, plus it offers the ability to encrypt individual files. This is encryption that "sticks" with the file and doesn't just apply to when the file is an attachment within an encrypted email. In fact, through a SecureFile plug-in, an encryption option can be added to Microsoft Office and to all right-click file menus in Windows.
The rest of this article will assume the use of the Voltage SecureMail Enterprise Edition.
The three editions described above are all deployed within the enterprise's own facilities. Voltage also offers cloud-based email encryption through its Voltage SecureMail Cloud product, which is available in an Enterprise Edition for enterprise usage. Note that the SecureMail Cloud Enterprise Edition is not equivalent to the SecureMail Enterprise Edition in terms of functionality.
In terms of platform support on the server side, Voltage SecureMail is compatible with any email server because it's deployed as a gateway placed after the email server.
For sender-selected or sender-implemented email encryption, Voltage SecureMail only supports Microsoft Outlook. Organizations that wish to allow senders to control at least a portion of the encryption process must either already be using Microsoft Outlook or must migrate affected email users from their current email clients to Outlook.
Voltage SecureMail uses the Advanced Encryption Standard (AES) encryption algorithm in Cipher Block Chaining mode. The website for Voltage SecureMail does not state publicly what the product's AES key length is, but it must be at least 128 bits because that is the smallest possible key length for AES. The preferred key length for AES is currently 256 bits. Prospective customers are encouraged to ask Voltage how long SecureMail's AES keys are and to make this information publicly available.
Similarly, Voltage does not state on its website whether its products are Federal Information Processing Standard (FIPS) compliant, meaning they have been validated against a suite of third-party tests to confirm that encryption meets basic requirements. Although the FIPS website says Voltage as a company has received FIPS compliance certification, it is not clear whether this certification covers the Voltage SecureMail product. Prospective customers should ask about this when evaluating products.
File encryption support
As described above, through the use of the SecureFile add-on, file encryption can remain with a file even after the file is removed from the original email. This add-on also supports large file transfers. These features can take the place of alternative secure file transfer mechanisms in some cases, streamlining operations and improving their security.
Licensing information for Voltage SecureMail is not publicly available. However, a free trial of Voltage SecureMail Cloud is available.
Voltage SecureMail provides a variety of email encryption solutions for enterprises. Although this article covers the Enterprise Edition, the other editions may be a better fit for many organizations, particularly those with lesser requirements for email encryption. Voltage SecureMail is compatible with any email server, but if client-side support is needed, only Microsoft Outlook is supported. This is not an atypical situation, as the majority of email encryption products support Microsoft Outlook only. Voltage SecureMail also offers a SecureFile add-on that offers extra file encryption options that may take the place of secure file transfer mechanisms in some environments.
Encryption performed by Voltage SecureMail meets minimum strength requirements (i.e., the AES algorithm), but the product website does not state the AES key length nor does it declare FIPS compliance. Likewise, licensing is not covered by the website. Make sure to get information on these from the vendor before making a purchasing decision. Although Voltage SecureMail looks like a robust, flexible and strong solution for enterprise email encryption, without this missing information it's not feasible to make an informed decision about its acquisition.
In part two of this series, take a look at email encryption software from a business perspective
In part three of this series, learn about the procurement process for email encryption software
Learn how to secure Microsoft Exchange-based email with Exchange TLS
Check out our buyer's guide on email security gateways