email2 Frequently Asked Questions

Here are some answers to some of our more commonly asked questions (and there are lots!)

Can email2 co-exist with basic email?

email2 does not replace basic email. On the contrary, email2 works closely with standard email, enhancing and strengthening the existing weak areas. A special email2 Toolbar for Outlook can be installed for use with existing email clients, and email2 members can continue to use their existing email addresses. Adopting email2 does not preclude users from continuing to use basic email.

A user's existing email client can store and display both secure email2 and basic email messages without conflict; the special email2 Toolbar provides all of the extended functionality when an email2 message is selected. The current implementation of email2 actually relies on existing email infrastructure: email2 Notification Messages are sent using basic email and then provide access to the secure email2 Message and Delivery Slip.

After an email2 Notification message arrives, the user can either follow the link to the secure email2 Webmail client, or (if they are using the email2 Toolbar), the email2 Notification message is automatically converted to the actual email2 message content (retrieving the content securely from the Private Email Network over HTTPS).

You can think of email2 as a platform that can be implemented over top of the existing email architecture. The email2 platform functions in conjunction with basic email structure to strengthen it and provide more productivity features to the end user. Remember, with email2 you are not replacing basic email, you are enhancing it:

  • Keep using your existing email address.
  • Keep using your existing Internet Service Provider (ISP).
  • Keep using your existing email programs (e.g. Outlook).
  • Keep using your existing email server programs (e.g. Exchange, Zimbra, etc.).
  • Interoperates with existing email network infrastructures and protocols.
  • email2 works with any existing or new technology being developed for traditional email (PKI, IRM, Archiving, Auditing, etc.).

The core functionality of basic email remains unchanged. Pre-existing basic email messages are still accessible and usable, (within the limitations of the basic email system, of course). Likewise, basic email messages created or received after the adoption of email2 still function the same as those created or received before.

email2 allows extended email functionality without encroaching on existing email processes. It is altogether possible for a user to be email2 enabled, but rely exclusively on basic email for communication.

//Edited March 2010

Accessibility: Browser, WCAG & Section 508

The email2 Security Platform includes a light version of our powerful & secure Webmail Client designed to fully support Section 508 and the various WCAG accessibility requirements.

Accessibility Report: WCAG1 WCAG2 Section 508
A: No Issues Found
AA: No Issues Found N/A
AAA: No Issues Found N/A



Browser Compatibility Report: Internet Explorer Firefox Safari Opera Chrome
No Critical Issues Found
No Major Issues Found
No Minor Issues Found



Compliance, Standards and Usability Report:
US CAN-SPAM Act 2003 - No issues found.
EU Privacy Regulations 2003 - No issues found.
Copyright Law - No issues found.
W3C HTML/XHTML Validation - All pages valid.
W3C CSS Validation - All pages valid.
W3C Style Guide - No issues found.
W3C Deprecated Features - No issues found.
Usability.gov Guidelines - No issues found.
W3C Best Practices - No issues found.
Readability - No issues found.


As a banker or broker, how can email2 help me?

Privacy, trackability and guaranteed delivery of sensitive information!

email2's architecture allows a level of privacy never encountered before. email2 is not only secure during transit, but it is also secure during storage (messages cannot be tampered with), AND recipients are forced to reply via your Private Email Network, ignoring their email preferences, hardware and software, creating a full audit trail of the entire transaction (conversation), until you decide that it's enough and you recall it.

While using basic e-mail encryption technologies (e.g. PKI) might seem secure enough, it only protects the content of the message during initial transit, limited to one-way protection. As the recipients of your message decrypt it (if they manage to figure out how), they can decide to reply to your message in a non-encrypted manner, via basic, unsecure e-mail, defeating the initial purpose of your using e-mail encryption!

email2's attachment module allows you to send all legal and customer statements securely and automatically though our API, and with a complete audit trail. Additionally, like a courier package, you are able to track the delivery and receipt of the message. So not only can you feel comfortable knowing that the information you're sending is secure, private and 100% guaranteed to get to its destination, you are also able to see when it gets there and when its been looked at by the recipient. Because every action occurs on your Private Email Network, a detailed activity report can be generated real time for any of your conversations.

email2 also offers a turnkey 'Intranet/Extranet' like solution through the use of the email2 Web Client whereby all attachments are decoupled from secure messages making it easy to find them, store them and have a quick access to a revision history for each document.

email2 is proud to introduce the first ever true 'recall' function that actually works! Recall your email2 message if you made a mistake and none of the recipients will be able to view the message again (unles they printed it on paper!). Recalling an email2 message is available only to the 'Sender' of an email2 message and means that all further actions are stopped, such as retrieving the message, including attachments and video messages, replying or forwarding to the message, etc.

Finally, email2's audit capability means you never have to worry about the availability of your email messages should you ever get audited for compliance against any government regulations (ie, SOX, PIPEDA, etc.). You are able to prove undeniably that messages were sent, received and not tampered with - all within your Private Email Network.

With email2 providing a better email experience, you can worry less about regulation and message deliverability, and more on the essential communication that's critical to your business.

// Edited June 2009

As a lawyer, how can email2 help me?

Security, more security and even more security!

email2's architecture allows a level of security never encountered before. email2 is not only secure during transit, but it is also secure during storage (messages cannot be tampered with), AND recipients are forced to reply via your Private Email Network, ignoring their email preferences, hardware and software, creating a full audit trail of the entire transaction (conversation), until you decide that it's enough and you recall it.

While using basic e-mail encryption technologies (e.g. PKI) might seem secure enough, it only protects the content of the message during transit, one way only. As the recipients of your message decrypt it (if they manage to figure out how), they can decide to reply to your message in a non-encrypted manner, via basic unsecured e-mail, defeating the initial purpose of your using e-mail encryption!

email2's attachment module allows you to send all legal documents securely, but also offers a turnkey 'Intranet/Extranet' like solution through the use of the email2 Web Client whereby all attachments are decoupled from secure messages making it easy to find them, store them and have a quick access to a revision history for each document.

email2 is proud to introduce the first ever true 'recall' function that actually works! Recall your secure email2 message if you made a mistake and none of the recipients will be able to view the message again (unless they printed it on paper!). Recalling an email2 message is available only to the 'Sender' of an email2 message and means that all further actions are stopped, such as retrieving the message, including attachments and video messages, replying or forwarding to the message, etc.

Finally, email2's tracking means that you do not have to wonder if your message was ever received by the recipient. Because every action occurs on your Private Email Network, a detailed activity report can be generated real time for any of your conversations.

// Edited June 2009

As a marketer, how can email2 help me?

Marketing is all about communication, and what a better way to communicate than face-to-face?

The email2 simple, attachment-free voice and video messaging component allows you to record a message and have your client retrieve and watch it at his or her leisure (asynchronous), as opposed to instant messaging where all parties need to be present at the same time in order to communicate (synchronous).

Instead of sending an e-mail inviting a client to partake in a special offer, why not send a video clip? And because the video component is integrated into the existing email2 system, there are no messy attachments and no confusing recording / viewing software required.

In addition to voice and video messaging, here are some other features that prove invaluable to a marketer:

// Edited June 2009

As an executive, why do I need email2?

According to current legislation, (Section 404 in the Sarbanes-Oxley Act [US] and Bill 198 / Multilateral Instrument 52-109 [Canada]), senior executives must certify that internal controls have been documented and tested, and that financial disclosures are accurate and complete.

email2 is able to ensure that communications, including financial statements and disclosures, remain secure, documented, and impervious to malicious alteration. email2 security is achieved mainly with the use of secure HTTPS connections between clients and servers - this is the same security level used in online banking.

Because executives are beginning to be held personally accountable for incomplete or fraudulent records, it is now more important than ever for senior executives to take the necessary steps to protect themselves and their companies. In addition to protection, email2 has a host of features that just make life better for an executive who relies on e-mail for any reason at all.

Here are some of the ways in which email2 improves the workflow for executive members of a team:

// Edited June 2009

Can anybody tamper with my transactions over email2?

email2 protects business transactions conducted via e-mail by creating auditable and retrievable business records should a dispute arise. This maintains trust and enables accountability in any business relationship.

Back office e-mail transactions that occur while RFPs are being submitted and contracts negotiated are also tracked and can become a permanent retrievable business record. email2 enables users to control email exchanges by setting permissions; no forward, limited time to access the message and its content, no reply, etc. The ability to retrieve correspondence records in an efficient and cost effective manner mitigates the risk of litigation.

Companies are outsourcing more of their work and need to incorporate greater accountability and better tracking of communication regarding contracts with outside suppliers to avoid potentially acrimonious and costly litigation when things don’t work out. "Often the legal issues are secondary to a strong personal connection between buyers and product or service providers", says Peter Armstrong, vice-president of KPMG Forensic Inc.

Many companies are unaware of how porous, tamperable, and undependable basic email communications can be. Unfortunately once a dispute happens these shortcomings become obvious.

email2’s functionality adds a layer of business process to electronic communications to maintain strong positive client relationships: providing a date/time stamp demonstrates emails were made available according to established deadlines, original messages are stored in a Private Email Network's secure, central message repository and are auditable. email2 messages can be efficiently recalled should they need to be reviewed. In addition, large file transfer is unlimited and bulky attachments can be downloaded from the central repository at the recipient's discretion, avoiding work flow slow downs and inbox storage overflows.

//Edited December 09

Can email2 support IMAP configurations?

Of course!

You should remember, however, that email2 is completely independent of IMAP -- and all other basic e-mail protocols. The Outlook e-mail client uses POP3/IMAP/Exchange Protocol to send/receive basic e-mail messages from the e-mail servers, including the basic email2 notification messages that are sent by email2.

Once an email2 notification message has been received by IMAP, the email2 platform takes over and all subsequent transfers take place over secure HTTPS connections.

//Edited June 2009

Can I attach files to email2 Messages?

Of course! Attachments are transferred via HTTPS through the use of your Private Email Network (PEN) instead of across regular SMTP connections, which are very limited in security, speed and size limit. email2 introduces database file sharing concepts with permission-based access instead of sending files all over the Internet.

Using the email2 platform to exchange attachments is safer, allows for unlimited size file transfer, is trackable and auditable, and so it becomes easier to manage each attachment, directly in your Outlook.

One of the major benefits users will notice using email2 to send attachments is that they will have the option to download attachments when and how they choose. This 'pull versus push' approach is unique to email2: download only the attachments that you want to keep on your local computer. There are no file size restrictions, and large attachments will not slow down the e-mail send/retrieve processes. email2 messages and attachments can be retrieved separately, and depending on your preference, the retrieval process can be either manual or automatic.

//Edited June 2009

Can I continue to use my existing e-mail address?

Yes! email2 allows you to continue using your existing:

You can also continue to send and receive basic email messages using the same email address. email2 is transparent and seamless, the only difference you'll is that your email is more powerful! If you're using Microsoft Outlook, you can even integrate your email2 into the same display as your basic email messages using the email2 Toolbar for Microsoft Outlook.

If you use a different email program, you still have full access to all of your secure email2 messages using the email2 Webmail client.

//Edited March 2010

Can I continue using all of the Outlook features that I depend on and enjoy?

Of course! email2 was designed & developed as a lightweight add-on to the existing Outlook email client. Address books, CC/BCC and spell check all continue to work properly with email2. In fact, every Outlook feature that you used before works with email2 without conflict!

//Edited June 2009

Can I customize the email2 Toolbar and email2 Web Client?

Yes, both the email2 Toolbar and email2 Web Client can be customized to meet your unique needs!

We recognize that not all groups find the same features useful and that certain groups require specific functionality. To this end, email2 works with a sort of 'modular' approach. Custom functionality can be designed either by third parties (through the use of email2's open API), or by us, and can be released as modules which will plug into the existing email2 platform. These modules can be something as simple as a basic survey engine, or they can be as complex and specific as an ordering/billing system. These modules can be implemented as part of the email2 Web Client through the use of email2’s open APIs, making the email2 system as a whole completely customizable.

//Edited June 2009

Can I host the email2 server internally behind my own firewall?

email2 is offered both 'on demand', that is Software as a Service (SaaS) and as a 'Self-Host (host it yourself) solution for larger organizations and resellers.

As a service, while we host your Private Email Network, we don’t replace any of the basic e-mail infrastructure you currently have in place. Once sent or retrieved, secure email2 messages are stored behind your firewall as any other e-mail message. Your company retains total and singular control over all of its own data. What we host is a different gateway, instead of using the public SMTP domain, which is unsecure and unstable.

From a security perspective, when you first enable your Private Email Network, we ask you to enter a 'MAster Key' that is used as part of the AES encryption algorithm used to encrypt all your data for storage purposes.

email2 messages are transferred securely across the wire using HTTPS and are server-side encrypted as soon as they reach your Private Email Network. They are stored encrypted for the entire life cycle of your account and only accessible to people that you have sent these messages access to.

The email2 Private Email Network acts as a transit gateway where all email2 messages are stored and exchanged, but NOT as your final email data store such as MS Exchange or your local PST file.

//Edited June 09

Can I send an email2 message to more than one person by using the CC or BCC fields?

Yes! email2 does not change how you currently use e-mail in any way – it only improves it.

CC & BCC fields function exactly the same as they do in a basic e-mail message. Tracking results of BCC recipients is available only to the sender (available only to the owner of the conversation and not shared with recipients).

//Edited June 2009

Can I still use basic email?

Yes! A conjunctive relationship with basic email is one of the most attractive features of the email2 Security Platform.

If you have adopted email2, you are in no way prevented from communicating with people who have not. Turning email2 "on" or "off" is simple. You can still create basic email messages through Outlook just as you always have, but if you'd like to create a secure email2 message in Outlook, you can do so by using the email2 Toolbar. Even if you do send someone who is not email2 enabled an email2 message, they can still read it: they are given an invitation to download and install the email2 Toolbar, OR they can simply access the message via the email2 Webmail client.

//Edited March 2010

Can recipients of my email2 message reply unsecurely?

In many situations, it is necessary for the secure email2 message (or conversation / thread) to remain secure, served by the same Private Email Network (PEN) for its entire life cycle so that tracking and audit integrity is not compromised. Additionally, many senders set specific security options for email2 message such as who can reply, forward, etc. Allowing users to reply to secure messages as basic e-mail messages would circumvent the original intentions of the sender.

Recipients to your secure email2 messages have to reply using email2 on your PEN (tamper proof). They can, of course, take the content of your message, paste it into a new basic e-mail message and send it along that way – or take a digital picture of their monitor and send the content via basic e-mail - BUT at least the content did not leak from your Network, making it very difficult for the recipient at fault to prove you did wrong doing (e.g. leak confidential information).

The purpose of email2 is NOT to protect the data after it made it safely to the intended recipients. Protecting content and attachments once they reside on the recipients' computer is something that many technologists have been trying to address for a long time. If this is the problem you are trying to address, we recommend that you look into Microsoft’s Information Rights Management (IRM) technology, which obviously works with email2.

//Edited December 2009

Do I have a different email2 Web Client for each Private Email Network (PEN) I belong to?

Yes.

Remember that Private Email Networks (PENs) are independent of one another, and this means that they have separate server and separate email2 Web Clients. If you are looking for an email2 message in the email2 Web Client and cannot find it, remember to make sure that you are looking in the correct PEN, or that you are loggied in with the correct e-mail address. Using our E-mail Alias feature, you can easily combine more than one e-mail address and have access to all your secure messages in the same email2 web client account.

This is where one of the benefits of having the email2 Toolbar for Outlook becomes apparent. With the email2 Toolbar, all of your messages, (whether email2 or basic e-mail, regardless of the PEN), are stored in Outlook. You can search through your Outlook messages and find out which PEN it was sent or received with.

You can also use the email2 Toolbar to quickly and easily access your each PEN through the email2 Web Client.

//Edited June 2009

Do I have to track messages?

No.

The email2 platform can keep a record of all trackable actions that occur on a Private Email Network (PEN). This can be necessary for regulatory compliance and certain legal functionality.

That being said, you can turn tracking 'on' or 'off' on a per message basis, and choose whether or not to share tracking with your recipients.

Turning 'off' tracking will cause the email2 Delivery Slip to report that tracking has been disabled.

If you choose to leave tracking 'on', but disable the “Share tracking” feature, then tracking will be available to you (the sender), but recipients will not be able to view message tracking information.

//Edited June 2009

Do I need the email2 Toolbar to access the email2 Web Client?

No!

The email2 Web Client can be used in conjunction with the email2 Toolbar, but this is not necessary!

Even if you don't use the email2 Toolbar for Outlook, you are able to access the email2 Web Client and retrieve email2 messages addressed to you. This ensures that people that are not using Outlook are not excluded from email2 access.

If you do not have the email2 Toolbar installed, you can access the email2 Web Client by following a link provided for you in the email2 notification message you received via basic e-mail.

The email2 Toolbar allows users to continue to manage all of their e-mails (from different PENs, from basic e-mail servers) in one unified, familiar interface.

The email2 Web Client allows access to extended information regarding specific secure email2 messages.

//Edited June 2009

Do I need to use complicated encryption certificates?

Nearly all other secure e-mail solutions make use of complicated e-mail encryption systems such as the Public Key Infrastructure (PKI). While these methods encrypt the message and provide reliable security for one-way travel, they still rely on the basic e-mail architecture (SMTP Route) to deliver these encrypted e-mail messages. As a result, they still cannot track, audit or recall messages. Even worse, once a message leaves your computer, there is no guarantee that it is protected. PKI solutions are still limited by attachment sizes and offer no additional productivity enhancements. Furthermore, managing the required encryption keys for all the users makes it almost impossible to control.

email2 achieves security by introducing a webservices based architecture using an HTTPS protocol (128bit strong SSL encryption, the same level of security used for online banking) to transport secure messages and attachments while allowing users to retain the same e-mail address and e-mail programs. Content and attachments are still encrypted, but only once they hit the Private Email Network, making the whole process seamless for all users.

email2 requires no special effort on the part of a user to keep an email2 message safe - no encryption keys to deploy and manage, no complicated processes to renew certificates, etc.

//Edited December 2009

Does email2 work on corporate workstations or "locked down" computers?

Yes, of course!

The email2 Web Client works regardless of your computer access rights. If you can open a browser, you can use email2!

In most cases, users can also use the email2 Toolbar for Outlook. If a company is planning to deploy its own Private Email Network, it may dispatch the IT Department to organize email2 Toolbar installations. Even if you cannot run the email2 Toolbar on your computer, you can still always use email2 with the email2 Web Client.

//Edited June 2009

Does email2 work on handheld device?

Members accessing the secure Webmail client from a Smartphone or other web enabled mobile device (like a Blackberry or an iPhone) are automatically directed to a secure email2 Smartphone client. Create, read and reply to your secure messages on your BlackBerry, Windows Mobile and iPhone, or any other Smartphone device. The best part is that it uses the same secure access: all connections are still made over HTTPS (128-bit SSL encryption) and none of your private data is stored on the handheld device. Your information is protected, even if you lose your device. Smartphone access can quickly be enabled or disabled from the Webmail client. Disabling mobile access after a handheld device has been lost or stolen adds additional protection by preventing access to the member’s account through the Smartphone client.

//Edited March 2010

Does email2 work with Eudora/Thunderbird/Apple Mail?

People who do not use Microsoft Outlook can use email2 through the email2 Webmail client.

Even though the email2 Toolbar is only available for Microsoft Outlook, the email2 Webmail client can be used to reproduce all of the the functionality available in the email2 Toolbar.

When you receive an email2 Notification message, it includes a link to access the email2 Webmail client. If you current email client is not supported by the email2 Toolbar, you can still access your secure email2 message by using the email2 Webmail client.

//Edited March 2010

Does email2 work with IBM Lotus Notes?

Yes! The development of the email2 Toolbar for IBM Lotus Notes program is currently under development.

The email2 Toolbar for lotus Notes works along side your e-mail program, allowing you to use email2 without changing the way that you normally use email. If your email client isn't currently supported, you can always use the email2 Webmail client, (which includes all of the functionality of the email2 Toolbar for Outlook), to access your secure email2 messages.

The email2 Toolbar for IBM Lotus Notes is a lightweight Java plug-in for Lotus Notes 8. The minimum system requirements are:

//Edited March 2010

Does email2 work with Microsoft Exchange?

Microsoft Exchange is an industry standard application for managing email, shared calendars, task delegation and more. If you work in a corporate environment, and use other Microsoft products, your organization probably also uses Microsoft Exchange. Integrating 3rd party applications with Exchange is often a difficult process, but with the email Platform, it's not a problem. email2 and Exchange work together perfectly with no special configuration.

Many corporate offices use Microsoft Exchange servers, whether in-house or hosted, to provide the valuable collaboration tools they depend on. email2 integrates seamlessly with all implementations of Exchange, right out-of-the-box. No special configuration on either end. When a user sends or receives a secure email2 message using the email2 Toolbar for Outlook, that message is automatically saved into that user's Exchange mailbox (or PST file). Exchange can implement any existing process on the message including encryption and archiving procedures.

In the event that your organization stops using email2, all the secure email2 messages are still stored in your Exchange server. You never lose control of the data.

//Edited March 2010

Does email2 work with Microsoft Outlook?

Yes! The current email2 platform has been designed to work with the Microsoft Outlook program.

The email2 Toolbar for Outlook works along side your e-mail program, allowing you to use email2 without changing the way that you normally use email. If your email client isn't currently supported, you can always use the email2 Webmail client, (which includes all of the functionality of the email2 Toolbar for Outlook), to access your secure email2 messages.

The email2 Toolbar for Microsoft Outlook is a lightweight COM add-in for Microsoft Outlook 2003, 2007 and 2010. The minimum system requirements are:

//Edited March 2010

Does email2 work with Outlook Express?

The email2 Toolbar is currently only available for Outlook 2003 or 2007.

Outlook Express users, (and users of other email clients such as Thunderbird/Eudora/etc.), can use email2 with the secure email2 Webmail client.

//Edited March 2010

Does every employee have to be 'email2 enabled'?

No, only the employees that will be communicating securely over email2 need to be enabled. By 'enabled', we mean that they need at least one registration to a Private Email Network.

Because of the unique architecture that accompanies the Private Email Network platform, email2 is able to offer a high performance, low cost and easy to use secure messaging solution. In fact, email2 enables an immediate ROI - reduced IT expenses and increased workflow efficiency.

Unlike other secure e-mail solutions, email2 can be deployed slowly, allowing organizations to adopt it in phases. This minimizes the risk associated with integrating new technologies into an existing system. Individual workgroups can be set up with email2 so that entire business processes are not suspended while an IT division installs the necessary software and provides the accompanying instruction. email2 does not interfere with the continued use of basic e-mail; email2 does not need to be deployed enterprise-wide at first.

Since the process of adding a new member to a PEN is seamless (e.g. send them an email2 message, they self-register), you can start with a few employees, and grow the use of email2 organically as need be.

//Edited December 2009

email2 helps improve new e-mail rules & regulations

Many of the new rules and regulations regarding e-mail center on keeping e-mail transaction trails secure, trackable and auditable.

This is exactly what email2 achieves. We make use of a single, centralized message repository coupled with secure HTTPS message transmission. Using this model, we are able to guarantee the validity of email2 messages, as well as retain accurate tracking and audit records.

//Edited December 2009

email2 helps mitigate litigation risks.

Yes!

email2’s ability to monitor message content in 'real time' ensures that your email policy guidelines are being adhered to in company generated correspondence and incoming correspondence form third parties. The cost of dealing with a single negative incident could easily be in the millions and damage a company’s credibility in the market place.

//Edited June 2009

email2 Security Specs

email2 keeps your messages and data secure by using the strongest published encryption and security standards.

128-bit to 256-bit SSL Transport Encryption

SSL, (or Secure Sockets Layer), is a method for making secure connections across the internet. Every time you send or receive data (like e-mails, IMs, even visiting webpages), your computer uses something called a protocol. Some of these might be familiar to you; HTTP, SMTP and FTP are a few popular standards. Protocols can be secure or unsecure. Using SSL is a way of securing internet protocols.

Basic e-mail messages are sent and received using SMTP, POP3 and IMAP4. SMTP, or Simple Mail Transfer Protocol, is a method of sending basic e-mail messages. POP3 and IMAP4 are the two standard protocols for accessing received e-mails. None of these protocols have any inherent security, and all of them are relatively easy to hack.

email2 uses the HTTPS protocol for all of your connections - sending and receiving. HTTPS means HTTP + SSL, and it is the same security used for online banking. These connections encrypt your data and protect it from anyone trying to intercept it or eavesdrop.

AES Encryption for Data-at-rest

When your data is stored on Private Email Network (PEN) servers, email2 automatically encrypts it using the industry-standard AES (Advanced Encryption Standard) encryption algorithm. An implementation of AES has been approved by the US Government for use on documents classified TOP SECRET.

email2 ensures that all data stored on the Private Email Networks is encrypted immediately upon arrival and is only decrypted when requested by an authorized party. This means that once a message is sent, it is effectively "locked" until a valid recipient requests it from the server. This process is automatic and seamless, but incredibly secure.

//Edited December 09

email2 SMTP Message Notifications Delivery

The email2 Platform delivers the content and attachments of the secure email2 messages over an HTTPS connection instead of encrypting the actual message and sending it through the SMTP route, therefore guarantying delivery of all your secure messages. To notify the users of an incoming secure email2 message, a customizable basic e-mail notification is sent via SMTP with a link to click that can also contain custom footers and legal disclaimers.

email2 users configured with the email2 Toolbar for Outlook or Lotus Notes never see the content of the message notification: the Toolbar intercept the notifications and automatically authenticates the users with the company Private Email Network (PEN) and retrieves the message securely to Outlook or Lotus Notes via HTTPS. This is quite different from traditional e-mail encryption programs as it does not require managing encryption keys with all your external users. email2 ensures that you can easily communicate securely with thousands of clients and partners requiring only a 15 second user registration.

Delivery of the email2 message Notifications

For email2 users configured with Outlook or Lotus Notes, the secure email2 notification message is sent directly from Outlook, Exchange or Lotus Notes (e.g. using your company outbound SMTP service, just like basic e-mail messages). This ensures that the notifications come from the organization’s mail server, and everything about the message headers such as the recipient list and subject line remain intact, as prepared by Outlook/Exchange. Only the actual content of the message along with the attachments are replaced by a placeholder message notification (that contains a link to click to access the secure email2 Webmail Client, Legal Disclaimers, etc.). Unlike other products that replace the subject line or advertise their product in those notifications, we designed the email2 platform so that it does not interfere with how your e-mail program and mail server are configured.

Additionally, once the secure email2 messages are sent or retrieved by Outlook, the actual content of the secure email2 messages overrides the notification placeholder text and is stored in the company’s mail server as any other regular message (e.g. email2 it is not a different mail store, the mail server doesn’t know the difference between secure and non-secure messages once retrieved behind your firewall). The content of those secure email2 messages are therefore searchable, archiveable and indexable, unlike e-mail encryption programs.

Using the secure email2 Webmail client, the secure email2 notification message is sent from the Private Email Network (PEN) server. The PEN owner company can configure it to use the company’s own SMTP service (just like Outlook). For convenience, email2 offers a SaaS SMTP service by default to all clients. The email2 SaaS SMTP service is monitored hourly for blacklisting and pro-active measures are in place to prevent notifications from being flagged as spam (current delivery rate of 99.6% (December 2009) based on a third party audit of 1000 e-mail accounts with various ISPs).

Notification Message Customization

The email2 message notifications are entirely customizable with a PEN-specific footer to display the physical mailing address of the company in the format ‘Sent by ABC Medical of 123 ABC Street Beverly Hills, CA 90210, Call: (555) 555-7323'. The PEN also fully supports message notification ‘Legal Disclaimers’ and secure message specific disclaimers (configurable per Membership packages; e.g. different disclaimers for employees of the company, no Legal Disclaimers for your clients replying to your secure messages (Guest users), etc.). Additionally, we do not advertise our product in the message notifications.

//Revised January 2010.

Enable regulatory compliance requirements?

email2 enables technical security safeguard standards for email. With guaranteed, secure tracking and audit records, secure client-server communications and innovative message controls, organizations are able to facilitate better HIPAA, SOX, etc. compliance in a convenient and relatively transparent manner.

The email2 platform enables technical security safeguard standards for email by:

  • Storing all email2 messages indefinitely on a secure, centralized Private Email Network (PEN).
  • Keeping guaranteed tracking and auditing records.
  • Setting up identity validation safeguards.

Regulatory compliance is a large issue in the business world today. As an example, financial institutions are struggling to comply with SEC rule 17a-4 which says they must record all electronic communication between employees and clients. Although the rule has been in effect since 1997, only recently have regulators come down on the industry by fining such firms as Deutsche Bank, Goldman Sachs, Salomon Smith Barney and Morgan Stanley, among others. Not wanting to join this dubious list, financial-services firms are now faced with the task of investing millions of dollars in e-mail archival and retrieval systems or face fines and, even more seriously, a damaged reputation.

S-OX Compliance Matrix

Standard: TECHNICAL SAFEGUARDS Sections Description R/A? Solution
Corporate Responsibility for Financial Reports Section 302 This section requires that CFOs and CEOs personally certify and be accountable for their firms' financial records and accounting. This section has been highlighted due to its link to top management. R email2 offers a level of security suitable for the viewing of sensitive documents over e-mail. The tracking and audit system can verify that individuals have received and opened messages. Additionally, email2 can be integrated with existing digital signature architecture (e-signatures), allowing CEOs and CFOs to digitally 'sign off' on documents securely, safely and easily.
Auditing, Quality Control and Independence Standards and Rules Section 103 This section requires companies to “prepare and maintain for a period of not less then 7 years, audit work papers and other information related to any audit report, in sufficient detail to support the conclusions reached in such report.” R email2 has the potential to record complete, unaltered accounts of e-mail transactions and store them for an indefinite period of time. Implementation of the email2 ICE server module ensures that stored documents remain exactly as they were when they were first received. It is virtually impossible for anyone to alter or destroy stored documents in any way.
Investigations and Disciplinary Proceedings Section 105 Requires “the production of audit work papers and any other document or information in the possession of a registered public accounting firm or any person thereof, wherever domiciled, that the Board considers relevant or material to the investigation, and may inspect the books and records of such firm or associated person to verify the accuracy of any documents or information supplied.” A email2 can keep audit and tracking records private from unauthorized users. Authorized users are able to retrieve complete tracking and audit records, which can be guaranteed accurate by the Private Email Network (PEN) providing them. The information is always stored encrypted, in the same state it was originally received in, with low possibility of alteration or destruction.
Management Assessment of Internal Controls Section 404 Requires companies to report on the effectiveness of internal controls regarding financial reporting. Since internal business decisions and data are discussed, transported and stored in corporate email systems, ensuring that data cannot be accessed or tampered with is critical to the reliability of financial reporting. A email2 messages and attachments are stored on a single, secure server (PEN). All data received by the server is immediately frozen using the ICE (Interchangeable Crypto Engine) and stored indefinitely. When messages are retrieved, the server continues to hold the original frozen copy of the message and attachments. Only authorized users are able to retrieve messages or attachments. Identity validation is performed by a combination of Message Access Keys (which determine who can access a message and contain instructions for doing so) and User Keys, (which identify specific users).
Real-time Issuer Disclosures Section 409 Regarded as the most demanding of the requirements, Section 409 requires that companies provide real-time disclosures of any events that may affect a firm's stock price or financial performance within a 48-hour period. R email2 allows for electronic disclosure of sensitive information. email2 systems ensure that information can only be accessed on a server by authorized parties. Reliance on 128-bit SSL encryption (HTTPS) for transport ensures that information cannot be captured or altered while it is in transit.
Criminal Penalties for Altering Documents Section 802 As a result of the document destruction by various businesses and their accounting firms, most notably Enron and Arthur Anderson, Section 802 provides stiff penalties – fines of up to 1,000,000 and/or prison terms for “whoever knowingly alters, destroys, mutilates any record or document with intent to impede an investigation.” A The email2 ICE server module prevents intentional or accidental destruction of documents. Once a message or attachment reaches the PEN, it is immediately preserved for an indefinite period of time. Data that has been "frozen" in this way cannot be altered or destroyed by anyone, regardless of security permissions.

HIPAA Compliance Matrix

Standard: TECHNICAL SAFEGUARDS Sections Description R/A? Solution
Access Control 164.312(a)(1) Implement technical policies and procedures for electronic information systems that maintain ePHI to allow access only to those persons or software programs that have been granted access rights as specified in Sec. 164.308 (a)(4) R email2 messages and attachments are stored on a single, secure server. All data received by the server is immediately frozen using the ICE (Interchangeable Crypto Engine) and stored indefinitely. When messages are retrieved, the server continues to hold the original frozen copy of the message and attachments. Only authorized users are able to retrieve messages or attachments. Identity validation is performed by a combination of Message Access Keys (which determine who can access a message and contain instructions for doing so) and User Keys, (which identify specific users).
Access Control 164.312(a)(2)(i) Assign a unique name and/or number for identifying and tracking user identity R The email2 system identifies users by e-mail addresses, employee ID, phone number, or any other unique identifier your organization uses.
Access Control 164.312(a)(2)(ii) Establish (and implement as needed) procedures for obtaining necessary electronic protected health information during an emergency R email2 allows authorized parties (such as officials or administrators) to access the protected information that is stored on the server. This information can only be viewed and copied, never destroyed or altered.
Access Control 164.312(a)(2)(iii) Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity A email2 automatically logs out any users that have remained inactive for a period of time, or once a screensaver is activated.
Access Control 164.312(a)(2)(iv) Implement a mechanism to encrypt and decrypt electronic protected health information. A The email2 ICE 'freezes' all information as soon as it hits the server. While this means that the information cannot be changed or destroyed, it also means that it is encrypted using a specific encryption algorithm. Data on the PEN server is always stored in this encrypted state.
Audit Controls 164.312(b) Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. R Because of the email2 single-server architecture, accurate tracking information can be displayed in real-time. The email2 system can reliably determine access time and actions taken by the user.
Integrity 164.312(c)(1) Implement policies and procedures to protect electronic protected health information from improper alteration or destruction. R The email2 server ICE freezes data as soon as it arrives. Frozen data can never be altered or destroyed.
Integrity 164.312(c)(2) Implement electronic mechanisms to corroborate that electronic protected health information has not been altered or destroyed in an unauthorized manner. A All copies of documents can be checked against the original frozen copies that are stored on the PEN server. Any discrepancies or omissions will alert parties to attempts to destroy or alter information.
Person or Entity Authentication 164.312(e)(1) Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network. A email2 forces all communications to occur over 128-bit encryption SSL pipelines (HTTPS). While basic e-mail is used at some points, sensitive information is never transmitted over basic e-mail channels.
Access Control 164.312(e)(2)(i) Implement security measures to ensure that electronically transmitted electronic protected health information is not improperly modified without detection until disposed of A All copies of documents can be checked against the original frozen copies that are stored on the PEN server. Any discrepancies or omissions will alert parties to attempts to destroy or alter information.
Access Control 164.312(e)(2)(ii) Implement a mechanism to encrypt electronic protected health information whenever deemed appropriate. A The email2 ICE 'freezes' all information as soon as it hits the PEN server. While this means that the information cannot be changed or destroyed, it also means that it is encrypted using a specific encryption algorithm. Data on the PEN server is always stored in this encrypted state.
Device and Media Controls 164.310(d) Create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment. R Authorized parties are able to instantly retrieve copies of data from the server. These copies are exact, one-to-one reproductions of the original information, and can be checked against the original documents to ensure validity and integrity.
Data Protection   Implement policies and procedures to address the final disposition of electronic protected health information, and/or the hardware or electronic media on which it is stored. R Information that is stored on a PEN server cannot be destroyed until authorized by someone with appropriate permissions. Users and even technical staff do not have the ability to destroy or modify information that has been frozen by the email2 ICE.

//Edited June 09

Glossary of common email2 terms.

email2 secure Web Client or secure Webmail client
This is the most common way of accessing secure email2 messages. The email2 Web Client is a web based access tool. The email2 Web Client can be used to send and receive email2 messages, as well for accessing various types of metadata and extended content. The email2 Web Client can either be a companion application to the email2 Toolbar for Outlook, or it can be a replacement for the email2 Toolbar entirely. The email2 Web Client is specific to a Private Email Network (PEN). That is, every PEN has an independent (branded) email2 Web Client. The email2 Web Client is the easiest way for a user to view the entire list of messages stored for him or her on a PEN.

email2 Toolbar for Outlook
The email2 Toolbar is an add-in for Outlook that allows email2 power users to organize and manage secure email2 messages alongside basic e-mail messages. Important information is displayed in the email2 Delivery Slip, an area next to the message that contains pertinent metadata. The email2 Toolbar is a flexible control that helps users to engage with the email2 processes however they would like. While the email2 Toolbar functions within the Outlook environment, it does not interfere in any way with the use of normal e-mail. When it is installed, users can still send and receive basic e-mail, just as easily as they ever did.

email2 Delivery Slip
The email2 Delivery Slip is a dynamic display area on the right hand side of the message area. If the selected message is an email2 message, the Delivery Slip displays pertinent metadata, including access to video messages and attachments. If you’re composing an email2 message, the Delivery Slip displays becomes the Delivery Options where you can enable tracking, set a unique password for the conversation, etc., directly in Outlook.

Private Email Network (PEN)
This is the server aspect, or platform, of the email2 system. There are many PENs, all independent of each other. An email2 user can belong to as many or as few PENs as he or she desires. These PENs are controlled by PEN administrators, and each PEN can provide a customized level of security or a suite of extended features. Certain PENs may be exclusive to domains or user groups, and certain PENs may charge a fee for access and usage privileges. The flexibility of the email2 PEN platform ensures that there is a specific PEN available that is custom tailored for just about every task or purpose imaginable. email2 messages, as well as related metadata available through the Delivery Slip, are stored in a secure state on the physical servers of a specific PEN.

Outlook Activation
The Outlook Activation is an automatic process. When the email2 Toolbar for Outlook attempts to retrieve the Delivery Slip for an email2 Notification message from a PEN that it has never encountered before, a process known as “PEN Discovery” takes place. The user is prompted to either allow or block further communication with the PEN, (identified by name and certification status). If a user allows communication, he or she ‘activates’ for the PEN. From a user’s perspective, activation is complete as soon as he or she allows the secure communication with the PEN.

Member Registration
Member Registration refers to the process of fully registering with a PEN. This process includes supplying a set of personal information that can be used to identify your email2 account. The following is a common list of information required for member registration, but because this is determinable on a per-PEN basis, specific PENs may ask for more or less information during registration: Full name, Address, Phone number, Password, etc. If a PEN charges its members for access to the PEN, billing information is completed during the registration process as well. Depending on the security settings of a PEN, registration may need to be validated by phone, basic e-mail, or any other criteria a PEN specifies.

email2 Message Access Key
This is part of a unique email2 signature that is embedded in every email2 Notification Message. The message email2 Access Key is an obscured string of characters, describing to the email2 Toolbar the location of an email2 message. This generally entails the IP address of the specific PEN, the message ID, and when necessary, the parent message ID.

email2 Member Key
This is the unique identifier with which PENs interact with members. For all intents and purposes, a user key is synonymous to the member him or herself. A member key is created during the registration process, transparent to the member. Since members can belong to multiple PENs, a member key is tied to a specific PEN identifier (the PEN’s SGUID). Member keys are generated from a member’s basic e-mail address and a specific SGUID.

email2 Interchangeable Crypto Engine (ICE)
Just as email2 is a new way of utilizing the potential of network communication, the email2 ICE is a new way to make the most of existing security technologies. The ICE allows for the quick and easy integration of new encryption methods, giving PEN administrators the power to upgrade security solutions dynamically, in step with the industry, instead of perpetually behind them. The ICE is not a type of encryption, but an interface for using existing encryption methods. The ICE enables administrators with sufficient permissions to integrate existing encryption methods into PENs, allowing for truly customizable security solutions.

email2 Certification Authority
The email2 Certification Authority is an entity independent of any Private Email Networks (PENs), clients, or other interested parties. The job of the email2 Certification Authority is twofold: to provide PENs with certificates that can be used to verify identity and validity, and to digitally sign encryption methods to be used by the email2 Interchangeable Crypto Engine (ICE). The email2 Certification Authority ensures that PENs and encryption methods are legitimate and that they behave as they are reported to. Its purpose is to prevent mischievous or intentionally malicious people from taking advantage of email2 users by hosting unsafe PENs or providing potentially harmful encryption methods. Authorized administrative users are able to submit encryption methods, which can be manually inspected for malicious code, digitally signed and then returned for use with a specific PEN. The email2 Certification Authority protects against ‘phishing PENs’ (bogus PENs that exist only to illicitly gather user information) by issuing security certificates to PENs that investigation has determined to be legitimate and trustworthy. During the ‘PEN discovery’ process, users are able to see whether or not a PEN holds a security certificate, and integrate this information into the decision making process of whether or not to allow communication with the PEN.

//Edited December 2009

How can email2 be both secure and fully auditable?

All secure messages stored on a Private Email Network (PEN) are encrypted using a Master Key. This Master Key is entered at the time of the PEN Certification either by the PEN Administrator or a trusted member of your organization. This Master Key is the basis for all data-at-rest encryption.

Depending on the security settings of your PEN, PEN Administrators may have access to managing message metadata (message subject, dates, recipients, etc.) but not the actual content of the secure messages - unless they have the Master Key.

So if administrators don't have the Master Key, who does?
This Master Key can be kept by whoever the PEN owner (your organization) deems acceptable. A PEN Manager may be designated, or a third party data security company may be able to hold the Master Key private from all company personnel until it is needed for an audit or legal investigation.

//Edited June 2009

How can email2 help my company mitigate the risk of inappropriate e-mail messages being sent?

Company branded Private Email Networks (PENs) can be configured to preemptively filter out messages containing inappropriate key strings of text (e.g. racial slurs, sexually inappropriate language, impolite or vulgar words). These email2 messages are never delivered, and an administrator is notified of the incident. This helps to contain incidents and is an effective risk management tool. Filtering can also prevent offensive inbound messages from being retrieved.

PENs are also able to block communication with inappropriate domains (e-mail addresses). This could include competing companies, or in the case of a private company PEN, simply any e-mail addresses not associated with the company. PENs can be configured so that users are only able to communicate with people in a pre-defined list (black and white listing).

In addition, a properly configured PEN is able to silently monitor communication between users when a filter determines that it contains certain key words or phrases. This is a useful records-keeping tool should the records ever be required for litigation or an audit.

//Edited June 2009

How can I get my old email2 messages once I install the toolbar?

If you've been using the email2 Web Client and you enable the email2 Toolbar for Outlook, you can access all your old secure email2 messages in Outlook as long as you still have the original email2 notification messages. email2 notification messages contain a special access key that is recognized by the email2 Toolbar for Outlook and used to access the content of email2 messages. This access key only allows the owner of the e-mail address to access the email2 message, so it is also completely secure.

Once you've installed the email2 Toolbar for Outlook, selecting an email2 notification message will automatically convert it into the appropriate email2 message.

If you no longer have the email2 notification messages, you can still access your email2 messages in the email2 Web Client. If a message is especially important to have in Outlook, you can 'resend' the message notification using the Web Client.

//Edited June 2009

How can the email2 Toolbar and Web Client be branded?

The email2 Toolbar and Web Client have been designed with branding in mind. We understand that companies need all parts of their system to have a coherent corporate identity.

The email2 Toolbar always displays the name and logo of the Private Email Network (PEN) for the currently selected message. If a PEN has certain brand-specific modules installed on it, custom buttons or icons are displayed on the email2 Toolbar. Nearly every part of the email2 Toolbar is customizable.

The email2 Web Client is even more customizable than the email2 Toolbar. The entire web application can be branded so that it displays the company logo, the company colour scheme, and even specific design elements.

With branding, the entire email2 experience can completely reflect your company's corporate identity.

//Edited June 2009

How compatible is email2?

email2 is compatible with existing email structures. If you are using Microsoft Outlook, Exchange, Zimbra or have a scanning process, archiving system, indexing system or any other perimeter defense in place, the email2 Security Platform will work alongside the existing structure to provide additional security and privacy.

The only difference is that email2 bypasses SMTP and instead uses a secure HTTPS connection for exchanging secure email2 messages, through the use of the Private Email Network platform (acting as a gateway server). That's where the true value proposition resides: we don't replace or interfere with anything. Everything you currently have in place still works the same, including PKI, if you are already using email encryption (using email2 will cause your email client to exchange the encrypted message over HTTPS instead of SMTP).

There are several advantages to this type of architecture, (e.g. accurate tracking, no size limit on attachments, etc.), which cannot be addressed by simple email encryption. And of course, the HTTPS transfer protocol is just as secure as any email encryption available on the market.

//Edited March 2010

How do bandwidth and storage restrictions work?

email2 packages are set up with bandwidth and storage space restrictions, but a lot of people don't understand exactly how this works. email2 is different than basic e-mail in a lot of ways, especially when it comes to attachments. With basic e-mail, attachments get uploaded and downloaded far too many times, and they get stored redundantly all over the place. email2 changes all that.

Here's an explanation of how bandwidth and storage space work within the context of email2:

Bandwidth is another name for data transfer, and it is consumed any time a file moves from a local environment (your PC) to the server (the PEN) or vice versa. This means that when you upload a file to the server, you are consuming bandwidth, and when your recipient downloads a file, he or she is consuming bandwidth. However, once a file has been uploaded, it does not need to be uploaded again every time it is sent. Bandwidth is only consumed once when a file is uploaded, but it is consumed every time that a file is downloaded.

Storage is a bit different. When you upload a file to the PEN (by attaching it to an email2 message) it is stored on the PEN servers. Storage is only consumed once per file, regardless of how many people retrieve the attachment. This is because they are downloading the file to their local PC, not to an e-mail server.

//Edited June 2009

How do I deploy my own PEN?

email2 is offered both on-demand (SaaS) and host it yourself behind your firewall (Sekf-Host). While we can host your Private Email Network (PEN) with the SaaS model, we do not replace any of the basic e-mail infrastructure you currently have in place. Once sent or retrieved, email2 messages are stored behind your firewall as any other e-mail message. Your company retains total and singular control over all of its own data.

When you first enable your Private Email Network, we ask you to enter a Master Key (encryption seedkey) that is used as part of the AES encryption algorithm used to encrypt all your data for storage purposes, available with the SaaS and Self-Host models.

email2 messages are transferred securely across the wire using HTTPS and are server-side encrypted as soon as they reach your PEN. They are stored encrypted for the entire life cycle of your account and only accessible to people that you have sent these messages access to.

The email2 PEN acts as a transit gateway where all email2 messages are stored and exchanged, but NOT as your final email data store such as Microsoft Exchange or your local PST file.

//Edited November 2009

How does email2 increase management control?

Companies or organizations are able to establish their own Private Email Networks (PENs) and regulate membership, allowing for totally secure and auditable transactions between PEN members. These secure email2 messages are accessed with the help of a free, secure email2 Web Client or the free, downloadable email2 Toolbar. The email2 Toolbar can be installed quickly and easily, and is universal to all PENs. Both the email2 Toolbar and the Web Client are as easy to use as basic e-mail.

Management control is enhanced by real-time content management for both inward and outward bound secure email2 Messages. Messages can be filtered for employees based on content, subject, sender, or other recipients. This feature can be used to drastically reduce the cost of lawsuits associated with litigation because of e-mail harassment or inappropriate e-mail messaging.

If desired, management can enact pre-defined security levels, limiting correspondence to highly controlled distribution lists based on domain name or full e-mail address.

email2 uses a centralized, mutually trusted server to ensure that policies are always upheld. However, existing policy systems, such as Information Rights Management (IRM) and Digital Rights Management (DRM) are not affected by email2: they still work exactly as they did with basic e-mail.

//Edited June 2009

How does email2 offer end-to-end security?

When an organization signs-up for their own corporate, branded Private Email Network (PEN) using email2, they must enter an encryption seedkey, or password called 'Master Key' that will be part of the creation of a unique encryption certificate. This encryption certificate will then be responsible for encrypting all data-at-rest on the server, including attachments (AES 256-bit server-side encryption) stored on on the PEN. This means that nobody else can read, access or tamper with your secure messages along the way.

email2 messages are transferred across HTTPS connections, which are secure channels using a minimum of 128-bit SSL encryption - this is the same security used for online banking.

Form more information please request the email2 Security White Paper.

//Edited June 2009

How does email2 provide legal and financial protection?

email2 enables completely trackable and auditable e-mail transactions. This ensures that message senders and recipients are accountable and protected.

New secure email2 messages are stored in a centralized, secure message repository called a Private Email Network (PEN) and are retrievable individually by authorized users. Copies of the email2 message are not kept on random routing servers as they can be with basic e-mail.

The security features of email2 guarantee that only intended recipients are able to access sent messages, keeping the information safe and confidential.

//Edited June 2009

How is the email2 attachment system more efficient?

email2 uses an entirely different system for attachment transfer and management - but of course, it's completely seamless to the user!

The first time that an email2 attachment is sent, it is uploaded to the Private Email Network (PEN) using a secure HTTPS connection. It is then stored encrypted on the PEN platform server. When recipients receive an email2 attachment, they are not actually receiving a file, but credentials (in the form of a access rights) to retrieve the file from the PEN.

Because of this architecture, we introduce a number of useful features:

//Edited June 2009

How many members per Private Email Network (PEN)?

We provide a Private Email Network (PEN) package to accommodate your needs. Technically, there is no limit to the amount of members (users) that can be on the same PEN.

PEN Members are divided into 2 groups or types, 'Premium' and 'Guest'. Premium type are typically employees of your companies that can invite create new secure messages and have access to all the features available. Guest types are used for members outside your organization such as clients or partners and are restricted in functionality with only the ability to reply to your secure messages.

//Edited December 2009

How reliable is the email2 hosted solution?

The email2 hosting (SaaS) infrastructure is very reliable.

Every packages provides you with:

  • 99.9% uptime service level agreement (SLA)
  • State-of-the art data centers featuring N+1 redundant networks
  • High security (24-hour on-site security guards)

In addition, our solution includes regular server maintenance and backups, which means that a total crash is very unlikely, and in the case that one does occur, all of your data will not be lost. Contact your Reseller for additional SaaS configuration information White Papers.

//Edited December 2009

How would branding a Private Email Network help my company?

Branding a Private Email Network (PEN) means that all of the email2 messages coming from your company will carry your logo.

This means that:

This is an opportunity for advertising and promoting brand recognition. Having a customized, branded PEN allows your company to use the email2 system and enjoy its many benefits without sacrificing any elements of an established corporate identity.

Any company can deploy a PEN, or even multiple PENs, specifically tailored to meet their needs. This allows secure, trackable, auditable communication within the company, or even extending beyond the company.

//Edited June 2009

I use other add-ins for Outlook (Plaxo, Xobni, etc.)?

We are constantly testing with the latest versions of popular add-ins. The record holder email2 users is currently 33 concurrent add-ins in Outlook. If you do find an Outlook add-in that appears to be conflicting with the proper functioning of email2, do not hesitate to contact us using the 'Report an Error' feature under the 'Tools' menu of the email2 Toolbar.

//Edited March 2010

If I can use the email2 Web Client, doesn't that mean that email2 is just another web-based email system, like Gmail?

Not at all!

The email2 Web Client is a user interface for a very sophisticated secure e-mail platform. Using the email2 Web Client may be as easy as using web-based e-mail, but the principles behind the email2 Web Client are vastly different. All message transactions occur over HTTPS connections, which employ 128-bit SSL encryption. In addition, features like simple, attachment-free video messaging are not possible with web based implementations of basic e-mail.

While email2 is able to operate wholly independently of existing e-mail systems, it also has the novel feature of being entirely conjunctive. email2 can work with existing e-mail to strengthen its inherent shortcomings. email2 does not require you to change your e-mail address, e-mail client, ISP or anything else; web based e-mail solutions do.

//Edited June 2009

If I select a PEN how do I differentiate PEN members from regular contacts?

When you are in the email2 Web Client, the 'Members' tab shows you all members, or contacts that you have interacted with on the Private Email Network (PEN). This includes people that you have sent email2 messages to, as well as people that have sent you email2 messages.

Your regular contacts (i.e. your basic e-mail contacts) will not appear in the email2 Web Client 'Members' tab.

If you are using the email2 Toolbar for Outlook 2003 & 2007, email2 is fully integrated with your e-mail client. You have access to your full Outlook address book. If you send a basic contact an email2 message, that user will receive an invitation to join the Private Email Network that you are using.

//Edited June 2009

If I set up multiple PENS, do I have to select a specific PEN before I log in?

Yes.

This is because PENs are independent of one another and have different web addresses. For example, the email2 Private Email Address can be accessed at: https://secure.email2.com/beta/web/ A different PEN would have a different web address (https://secure.email2.com/example2/web/ for instance).

Once you log in to the email2 Web Client, you only have access to that specific PEN.










If the email2 Toolbar is free, should I expect spyware? What else are you going to install?

No, we do not package spyware with the email2 Toolbar, nor do we ever plan to do so.

At email2, our business is privacy and security. We understand the inherent privacy and security risks associated with spyware, malware and information harvesting.

All installed components are required for the proper functioning of email2. Helper programs, such as email2Cmd.exe, may be run at times, but none of the applications contain any information harvesting or spyware capabilities.

If your computer doesn't have the Microsoft .NET Framework 2.0 installed, it will be installed with the email2 Toolbar. The .NET Framework is a free framework provided by Microsoft, and is required for many programs.

The email2 Toolbar is free for all users, and will remain so. We offer on-demand Private Email Networks. Our revenue model does not include selling our users' private information or otherwise compromising their security. For more information, please read our Privacy Policy.

//Edited June 2009

Institute good Corporate Governance practices

A good e-mail policy in place will secure your company in several ways. Firstly, the e-mail policy helps prevent e-mail threats, since it makes your staff aware of the corporate rules and guidelines, which if followed will protect your company.

If an incident does occur, an e-mail policy can minimize the company's liability for the employee's actions. Previous cases have proven that the existence of an e-mail policy can prove that the company has taken steps to prevent inappropriate use of the e-mail system and therefore can be freed of liability.

email2 allows companies to monitor message content in 'real time' (Data Leak Prevention) to ensure that the rules and guidelines are being adhered to demonstrating good corporate governance reducing the costs of employee education and retention. It also secured every transaction ensuring that your information does not end up in the wrong hands. Finally, it gives the corporation the necessary tools to audit usage, and block at the source who your employees can communicate with.

//Edited November 2009

Is additional server software required?

Additional servers or software is not required with the SaaS / Cloud offering. While we host your Private Email Network, we don’t replace any of the basic email infrastructure you currently have in place. Once sent or retrieved, secure email2 messages are stored behind your firewall as any other email message. Your company retains total and singular control over all of its own data.

For larger deployment, the email2 Security Platform is also offered as a traditional dedicated server license, which requires servers and additional software to be deployed.

//Edited March 2010

Is email2 as secure as e-mail encryption (PKI, etc.)?

email2 secures the channel itself by rerouting all sensitive data across HTTPS connections instead of the less secure, standard SMTP/POP3/IMAP4 connections. PKI secures the message by encrypting it (one way only) and then sending it across the less secure basic e-mail channels.

With email2, messages are stored in a centralized, secure message repository (your PEN). Access to email2 messages is only granted to authorized users with sufficient privileges.

In addition, email2 doesn't have to replace PKI - both can work flawlessly in conjunction with one another. Neither the security of email2 nor PKI is compromised.

//Edited June 2009

Is installing the email2 Toolbar required in order to get started using email2?

No, the email2 Toolbar is not required to start using email2. Instead, you can use the innovative email2 Web Client. The web client interface has been built with Web 2.0 methodology and extensive use of AJAX, making it an incredibly fast, functional and intuitive system. The email2 Web Client reproduces all the functionality of a traditional email client such as Outlook, but with all the added features that email2 brings to email messaging.

Isn't a Private Email Network (PEN) Web Client Internet address (URL) publicly available? How is that safe?

The Internet address (URL) is indeed public, but this web address isn't useful unless a person belongs to a particular Private Email Network (PEN).

Using the administrative controls provided by email2, PEN Administrators are able to restrict access and create "Controlled Access" PENs which do not allow users to join unless they are explicitly invited by a member. Any members that are no longer needed in the Private Email Network, or that are abusing it, can be quickly 'disabled' by the PEN Administrator.

Even when using a relatively open access Private Email Network, all members must register and confirm their identities before using the Private Email Network.

//Edited June 2009

Member Roles: Premium VS Guest

Members can have two distinct types or roles within your Private Email Network: ‘Premium’ and ‘Guest’. Types or roles are set as part of a 'Membership Package'. Custom Membership packages can be designed to control feature access, storage capacity, etc. The Member Type is the only variable that drives the monthly billing:

Feature / Member Types Premium Member Guest Member
Retrieve / Read secure email2 Message
Reply to a secure email2 Message
Create new secure email2 Message (unlimited)
Forward secure email2 Message
Recall secure email2 Message
Invite New Members
Delivery Slip Access (Tracking, etc.)
Video Messaging
Webmail & Mobile Client Access
Outlook / Lotus Notes Toolbar Integration
One-hour response time Chat & Email Support

//Edited March 2010.

Prevent from distributing my content or documents?

No! email2 is NOT meant to protect the data after it made it safely across to the intended recipients. Protecting content and attachments once they reside on the recipient's computer is something that many technologists have been trying to address for a long time. If this is the problem you are trying to address, we recommend that you look into Microsoft’s Information Rights Management (IRM) technology, which obviously works with email2.

//Edited December 2009

Removing the email2 Toolbar - what happens?

If you uninstall the email2 Toolbar for Outlook, all retrieved secure email2 messages are converted into basic email messages. If you have not retrieved an email2 message, you will not be able to access it through Outlook after the email2 Toolbar is uninstalled. You still have the option to access the un-retrieved message from the email2 Webmail client once the email2 Toolbar is uninstalled. And of course, you are always welcome to reinstall the email2 Toolbar and retrieve any secure email2 messages you may have overlooked. Re-installing the email2 Toolbar for Outlook will also 'revive' all your email2 messages back into their original condition, including access to the email2 Deliver Slip.

//Edited March 2010

Replies to an email2 Notification Message.

Sometimes, new users reply to email2 Invitation or Notification Messages, which are sent using basic e-mail. When this happens, the reply is not sent securely via email2 as intended.

Most users that are replying to email2 Notification Messages are unaware that they are doing so. For this reason, when a user replies to an email2 Invitation Message, the initial sender's email address is automatically changed to a default 'do not reply' e-mail address such as 'email2-notification-do-not-reply@email2-pen.com' or similar depending where your PEN is hosted.

When an email2 message is sent to the default 'do not reply' e-mail addres, the email2 system will automatically notify the recipient back with a generic message that their reply did not make it to the intended recipients.

If a user is intent on replying to an email2 Invitation or Notification message, he or she may do so by changing the "email2-notification-do-not-reply@email2.com" e-mail address back to the initial sender's e-mail address. The purpose of this safeguard is only to prevent accidental replies, not intentional ones.

//Edited December 2009

Since email2 uses an Outlook Toolbar, how would the distribution / update procedure be handled in a large enterprise?

Updates to the email2 Toolbar are driven directly from the Private Email Network (PEN) - PEN Administrators decide independently when it is time to update the Toolbar and the process occurs automatically (though a self-update check performed on the initial load of Outlook).

Unlike many other solutions (anti-virus, spam control, encryption), email2 can be deployed slowly, in a workgroup-by-workgroup fashion. This is because email2 is backward compatible and need only be installed by those who wish to use it. If the Toolbar installation is a problem, users are still able to access email2 messages via the email2 Web Client (built in an attractive, intuitive AJAX / Web 2.0 fashion). The email2 Web Client reproduces all of the functionality of Outlook, but specifically for secure email2 messages.

//Edited June 2009

Subscribe to more than one PEN using Outlook?

Yes! You can subscribe to as many Private Email Networks (PENs) as you would like, with as many e-mail addresses as you would like. The email2 Toolbar for Outlook has been designed with this in mind. Using dropdown menus, it is easy to select which PEN you would like to use on a per-message basis.

//Edited December 2009

Unlimited file size attachments? How?

As electronic communication continues to grow, and online collaboration becomes a business norm, the sharing of large files becomes a practical necessity. Originally, e-mail was not designed to accommodate large file transfers, and implementing this functionality became much easier said than done.

As time progresses, people need to share larger files. Traditional e-mail cannot accommodate this need. One of the major issues is that with ‘push’ architecture, large file sizes can bog down a recipient’s e-mail access, as enormous files are downloaded at the same time as relatively tiny text-based e-mails.

email2 effectively solves this problem by fundamentally rejecting the ‘push’ architecture and adopting a more user-based ‘pull’ architecture. Users are not forced to download unwanted files, nor are they forced to download attachments in order to retrieve the rest of their email messages. Large attachments can be downloaded at a user’s leisure.

Attachments are stored on the Private Email Networks (PEN) encrypted in multiple pieces. Because of this, and because email2 relies on HTTPS (128-bit encryption SSL) instead of standard e-mail protocols, an integrated download accelerator is used to download several pieces of the same file in parallel. This substantially reduce the time required to download large files; in some cases, download speeds can be increased up to 400%.

Additionally, reliance on an HTTPS based ‘pull’ architecture eliminates download size restrictions. Users can attach and retrieve files as large as they would like, provided that they have the bandwidth and network resources to accommodate such transfers, directly in their Outlook client.

//Edited June 2009

Use email2 in countries that control e-mail like China?

Yes!

Many of our current customers and users have confirmed that email2 messages are successfully delivered to Chinese recipients. Because email2 messages are exchanged across HTTPS connections, typical filters for basic e-mail does not affect them. If a potential recipient can reach the email2 Web Client for a Private Email Network, he or she will be able to read email2 messages.

//Edited December 2009

We already have an intranet. Why do we need email2?

Even the most advanced intranet systems cannot reliably keep tracking and audit records. This is because of several inherent flaws in the structure of basic e-mail. Basic e-mail was never designed to be used as a transactional business tool.

email2 can be deployed in conjunction with an existing company intranet and functions primarily to track incoming and outgoing messages, as well as to keep guaranteeable audit records, often a key aspect of new regulatory acts.

email2 also functions as a second layer of security. If the company intranet is ever compromised for whatever reason, the email2 PEN and all the data stored on it will remain safe.

A PEN, or Private Email Network, is the server aspect of the email2 system. Software runs on a physical server or a group of physical servers, creating the central hub of all email2 communication using that specific PEN. A group of users belong to a PEN and can communicate amongst one another using the email2 Toolbar or web client interface. Data travels exclusively between users and their selected PEN, never falling into a non-controlled environment.

Depending on the security and privacy settings of a specific PEN, members of the PEN may be allowed to invite outside users to join and communicate. In the case of a private, company-based PEN, membership can be limited to employees, or even groups of employees.

As a company, you can deploy as many PENs as you would like. For example, you could have a single PEN for all internal communication, or separate PENs for the marketing, research and development departments.

// Edited June 2009

What are e-mail aliases? Does email2 support them?

We'll answer this question in a few parts, but the short answer is yes, the email2 platform does support e-mail aliases.

What are e-mail aliases?

Sometimes when you have an e-mail address like derek.smith@sys-national.com, people will send messages intended for you to the wrong address: like derek@sys-national.com. In some cases, IT administrators set up "e-mail aliases" for your main e-mail account -- so that any message sent to derek@sys-national.com will get rerouted to derek.smith@sys-national.com.

Do I have an e-mail alias?

Maybe! The easiest way to find out if you have an email alias is to ask your IT administrator if he or she has defined any for your e-mail account. If you are a home user, you can contact your ISP. If you're using a free e-mail service like Gmail, Hotmail or Yahoo! Mail, you almost certainly do not have e-mail aliases.

Does email2 support aliases?

Of course! You must define your e-mail aliases in the 'Tools' section of the email2 Web Client, and then show that you legitimately own them by clicking a confirmation link in the email that we will send. It is recommended that you contact your PEN Administrator or email2 Reseller before adding new aliases to your account. Most users will not need to set up e-mail aliases for their email2 accounts. You should only worry about configuring e-mail aliases if you've encountered problems retrieving secure email2 messages that were sent to e-mail aliases you own. If you're concerned about whether or not you need to define e-mail aliases, please contact your PEN Administrator or email2 Reseller.

//Edited June 2009

What are the system requirements for email2?

To use email2, all you need is a web browser, an internet connection, and an existing e-mail address.

The secure Webmail client is a full featured AJAX web-based mail client that gives you immediate access to all of your secure email2 messages on a single Private Email Network. It is compatible with most major web browsers on Windows PC, Mac or Linux, including

The email2 Toolbar for Microsoft Outlook is a lightweight COM add-in for Microsoft Outlook 2003, 2007 and 2010. The minimum system requirements are:

The email2 Toolbar for IBM Lotus Notes is a lightweight Java plug-in for Lotus Notes 8. The minimum system requirements are:

//Edited March 2010

What are the system requirements for the email2 Toolbar or Web Client?

In order to run the email2 Toolbar for Outlook, you must have the following installed on your computer:

  • Outlook 2003 or 2007
  • .Net 2.0 Framework (will be installed automatically with the Toolbar if you do not have it)
  • Adobe Flash Player 8 (for video - optional, you will automatically be prompted to install it when required)

The email2 Toolbar installer will verify that you have these requirements, and download them for you if necessary.

In order to use the email2 Web Client, you must have the following:

  • Microsoft Internet Explorer 6.x or 7.x with javascript enabled.
  • or Firefox 2.0.0.3+ with javascript enabled.
  • Adobe Flash Player 8 (for video)

// Edited July 2008

What does it mean when a message is "recalled"?

email2 allows senders to truly recall messages that were sent in error. When a message is recalled, recipients are no longer be able to access the message or its attachments. The only thing that recipients will see is the message subject line, and a notice that the message has been recalled by the sender, even if using MS Outlook.

Unless a recipient has already read the message, he or she never will. Even if the message had been accessed before, the next time a recipient tries to view it, it will be unavailable.

Only senders may recall a message, and once recalled, a message cannot be recovered. When recalling a message, senders are optionally able to give an explanation, which will be displayed to any recipients that try to access the message.

//Edited November 2009

What is a Private Email Network (PEN)?

Private Email Network (PEN): a Controlled, Centralized Secure Messaging Platform

Secure the line, not just the message: the email2 platform takes secure messaging to a new level, giving you ownership of a secure communication path from sender to recipient through your own, fully branded Private Email Network or PEN. Every message is secure, tracked and auditable allowing you to prove who read your communication and what they did with it.

A Private E-mail Network (PEN) is a way for organizations to retain control of the information that they send over e-mail without adopting a whole new system of communication. A PEN is like a “gated e-mail community” available only to members that have been invited and completed the registration and authentication process. Using a PEN doesn’t mean that you have to replace any technology that is currently in place like your e-mail address and or e-mail programs; the email2 platform acts as a secure message gateway by bringing a more reliable protocol to your existing e-mail infrastructure (wrap-around security and productivity enhancements).


  1. On ‘SEND’, the Microsoft Outlook or Lotus Notes email2 Toolbar intercepts the command and re-routes the message via HTTPS securely to the PEN instead of sending the message encrypted via SMTP. At this stage, the transmission is encrypted. Once transferred securely to the PEN, the message content and attachments are encrypted ‘at rest’.
  2. The PEN then prepares a 'notification message' and sends it back to Outlook or Lotus Notes using the same route, where this notification message is sent from the client’s Outbox to the intended recipients via SMTP (optional). Click here for more information on how these message notifications are being delivered.
  3. Recipients receive the notification message alerting them of a new secure email2 message. If the recipients are already enabled using Outlook or Lotus Notes, the process is seamless: the email2 Toolbar recognizes the notification message and sends a command to authenticate the member and decrypt the message and attachments, then transfers this content, along with the Delivery Slip metadata, using the same encrypted HTTPS route. For non-Outlook users, a convenient link is provided in the notification message to access the Secure Webmail or Smartphone client where they can securely read and reply to their secure messages.

Most other secure e-mail solutions available work by encrypting the message being sent using local certificates and public/private key pairs. Beyond the practical problems associated with setting up and maintaining these solutions, especially for users outside of your organization, a larger issue is that once those secure messages leave your mail server, they are sent over an unsecured and unreliable SMTP network without any tracking or audit capabilities. Copies of your messages can be left on servers that neither you nor your recipient control or they can just become lost in cyberspace.

A Private Email Network (PEN) utilizes a closed-loop of secure and redundant servers for all secure communications. The PEN manages all secure messaging functions including message transport, encrypted database storage, archiving and tracking. When a member sends a secure email2 message, a direct and secure connection is established between the sender’s client (e.g. MS Outlook) and the PEN server. When a notification message is received, the member recipient uses the same client (e.g. MS Outlook, IBM Lotus Notes, Webmail or Smartphone client) to directly and securely connect to the PEN to retrieve the message, attachments, voice and video message, and associated metadata contained in the unique email2 Delivery Slip. Information exchanged on a PEN can only be accessed by members of that same PEN with the correct credentials (e-mail address and password, or more). Confidential information in secure email2 messages can only be viewed by the members that they are intended for.

Secure email2 messages can be stored by Outlook into the traditional e-mail server repository (e.g. Exchange, Zimbra) as any other basic e-mail messages (optional, if enabled by the PEN Admin). This means that all company data is stored behind the company’s firewall and any existing archiving or indexing e-mail systems will still work with secure messages, unlike with e-mail encryption programs. Although the email2 platform creates a second data store for all your secure email2 messages, it does not create a ‘separate’ data store: when sent or retrieved, all your secure email2 messages can be stored on your e-mail server as any other basic e-mail messages, ensuring your archiving and indexing infrastructure still works. Having a single, secure message repository enables your organization to facilitate e-mail compliance standards. In the event of a local disaster, secure email2 messages are unaffected because a copy of your data can easily reside in an encrypted state on a remote server. In effect your PEN can be viewed as a full-featured disaster recovery tool for your most sensitive communications. If at any point a member stops using the PEN and uninstall the email2 Toolbar, these downloaded secure messages will behave as any other basic e-mail messages, without the added functionality of the PEN (e.g. Delivery Slip with tracking metadata, etc.). None of the company data is ever lost even if you stop using your PEN.

//Edited: December 2009

What is email2? Is it different from basic email?

What is wrong with my email?

Email uses 1980’s technology designed for hundreds of users – not millions. Lacking user authentication and message tracking, SPAM and viruses push email to the brink of collapse.

After leaving your network, email uses unsecure servers outside your firewall to deliver your message. If something goes wrong, you do not know! Plus these servers allow hackers to read your messages. There is finally a solution.

email2 is your own White House Red Phone. It creates a Private Email Network (PEN) for your organization.

What is A Smarter Send?

Private Email Networks give control over your communication.

What is the email2 value proposition?

E-mail today is plagued by a combination of security flaws, functionality limitations, spam, viruses, and reliability issues. The costly nature of these problems makes a novel solution necessary, but the widespread reliance on traditional e-mail makes this goal challenging. A solution should work in tandem with existing e-mail structures, strengthening the weak points and adding features where they are needed. An e-mail upgrade should also be sufficiently easy to use in order to obtain widespread market penetration. email2 meets and exceeds these two requirements.

Not just a simple encryption technology, email2 distinguishes itself from PKI encryption approaches to e-mail security. email2 is a complete secure messaging solution, dealing with security alongside issues such as usability and feature arrays. In addition to being a different approach to the problems of e-mail, email2 is a better approach to the problems of 'e-mail'. email2 is the fastest and easiest to use secure messaging solution available today.

email2 is inexpensive to implement, and easy to integrate with existing e-mail technologies and upgrades. email2 provides an immediate ROI - any cost associated by setting up the system is immediately recouped in productivity gains, spam reduction and virus protection.

A major benefit of the email2 platform is that it is fully brandable and entirely extensible. Everything from the email2 Toolbar to the email2 Web Client can be completely branded with a company logo, colour scheme and corporate identity. email2 provides a true secure messaging solution that will be aesthetically coherent with your company’s corporate identity.

The extensibility of the email2 platform means that when new features become available, either developed by third parties or email2 itself, they can be integrated into existing systems seamlessly and easily. The suite of email2 APIs allows developers to create new modules for use with the system, which can be created exclusively for specific verticals.

Most importantly, email2 works in conjunction with existing e-mail technologies: it does not preclude a user from continuing to use basic e-mail when necessary. Nor does email2 require a new program or method of dealing with e-mail messages. Because of our unique “add-on” architecture, email2 Messages can be stored alongside basic e-mail messages and can be accessed or acted upon from a common and familiar interface. email2 does not replace any existing e-mail technologies. The email2 platform does not replace Microsoft Exchange, the corporate standard for e-mail management. email2 works in conjunction with and along side existing Exchange setups. Retrieved email2 messages can be stored in Exchange, or they may never see Exchange, depending on the security settings configured by the Private Email Network (PEN) administrator. If a PEN is configured to keep messages off an Exchange server, the email2 messages are effectively never stored locally, enabling secure, reliable, “recordless” transactions.

//Edited June 2009

What is the email2 Web Client?

The email2 Web Client is a browser-based access platform for email2. It does not matter what operating system or email client you're using, anyone can use the email2 Web Client.

The web client is a way for users to access their email2 messages on a specific PEN without using Outlook and the email2 Toolbar - a standard web browser is all that is needed.

While power users may want to use the email2 Toolbar to organize and manage their email2 message, many users will find the web client is more than adequate for their needs. The web client can reproduce all of the functionality found in the email2 Toolbar. Using the web client, users gain access to extended metadata pertaining to messages and conversations - including tracking information, message status and more.

The web client reproduces all of the functionality of Outlook, but for secure email2 messages. You can send, receive, reply and forward email2 messages directly from the web client.

Note: Basic email messages are not available in the email2 Web Client - only secure email2 messages. The email2 Web Client is meant only to interact with email2 messages on a specific PEN. If you need to manage email2 messages and basic email messages from the same interface, you might be an email2 power user. Investigate the email2 Toolbar as a potential solution.

//Edited June 09

What is the Video Messaging Module?

email2 supports the traditional attachment structure, of course, but it also supports a new way of transmitting certain types of media. Integrated voice and video messaging allows members to record multimedia messages on-the-fly, directly and securely to a Private Email Network (PEN). The multimedia message can then be viewed by a recipient and streamed straight from the PEN to his or her e-mail client or the email2 Web Client.

email2 achieves this with a specialized web component. Voice and video messages are recorded on, stored on, encrypted and played directly from the PEN. There’s no more fiddling around with proper compression formats, specialized codecs or large attachment sizes. email2 takes all the trouble out of multimedia e-mail messaging.

Recording a voice or video message is as simple using the email2 Toolbar for Outlook or visiting the email2 Web Client and pressing the “record” button on the voice or video module. They automatically communicate with any local recording devices and allow true secure streaming audio/video recording. The video capture is streamed over a secure connection to the media server associated with the PEN. Once the recording stops, the media file awaits viewing.

When a member receives an email2 message with an associated voice or video message, the recipient is able to view the video just as he or she would view any other type of email2 message data in teh Delivery Slip. If the recipient has proper permissions, the media is streamed to the recipient.

//Edited June 2009

Which time zone is the tracking displayed for?

Yours!

Members of a Private Email Network (PEN) are often curious about which time zone the tracking is recorded and displayed in. The short answer is, email2 times and dates are synced with the time and date of wherever you happen to be at the moment. If you're on a laptop in Seattle, and the tracking says "Retrieved at 2:45pm," then a desktop in New York is going to see "Retrieved at 5:45pm." The tracking dates and times are always in "your time."

This is achieved by recording all dates in Universal Time (GMT) and using your local settings to provide the proper offset. This ensures that you always know when things are happening in the proper frame of reference.

//Edited June 2009

Why can I retrieve an email2 message in the email2 Web Client but not using the Toolbar?

This occurs when the email2 Toolbar cannot match the email2 message to the basic email address that sent the notification message. Usually, this happens because of an error on the sender's part, but it could also be used by a hacker in an attempt to exploit the notification system. For this reason, unvalidated notification messages are never retrieved.

Technical information

Your basic email account and your email2 account are not the same thing. They are linked, in order to ensure backwards compatibility between basic email and email2.

For instance, if a user has the basic email address derek@sys-national.com, he or she can link it to an email2 account by registering. Once this is done, email2 messages sent to derek@sys-national.com will arrive at that email2 account.

When users have downloaded and installed the email2 Toolbar, they are able to send and receive email2 messages using Outlook. This is achieved by sending a basic email notification message with a hidden access code that the email2 Toolbar recognizes and uses to replace the basic email notification with the actual email2 message.

This means that the email2 Toolbar has a superficial reliance on basic email. Without the access code in the basic email, the email2 Toolbar cannot retrieve the email2 message. As a security precaution the email2 Toolbar will check that the email2 account and the basic email address match, so as to prevent the use of any forged access codes from malicious hackers.

In some cases, having a discrepancy between the email2 account and the basic email account is legitimate. Unfortunately, the email2 Toolbar cannot discern human intent and must err on the side of caution, blocking these messages from retrieval as well.

HOWEVER, because email2 messages cannot be forged and have their own internal identity verification, the email2 message will always be valid and available in the email2 Web Client. If you receive an email2 message with an unverified privacy signature, access the web client to determine whether or not the message is legitimate. If you are sending email2 messages that users cannot retrieve in Outlook, make sure that your basic email address and email2 message match.

//Edited June 09

Why did I receive this email2 Message Notification?

If you've received an email2 Invitation or an email2 Notification Message, it's because someone you know has sent you a secure email2 message. email2 is more secure, more flexible, and more robust than basic e-mail.

email2 is easy get started with, and reading your confidential email2 email message doesn't cost anything. Go back to your email2 Notification message and follow the links on screen. You'll be set up and ready to go in no time.

If you've never used email2 before, and you'd like some more information before continuing, try reading some of these pages:

//Edited January 2010

Why is email2 better than basic e-mail encryption (e.g. PKI)?

Security, more security and even more security!

email2's architecture allows a level of security never encountered before. email2 is not only secure during transit, but it is also secure during storage (it cannot be tampered with), AND recipients are forced to reply via your Private Email Network (PEN), ignoring their e-mail preferences, hardware and software, creating a full audit trail of the entire transaction (conversation), until you decide that it's enough and you recall it.

Public Key Infrastructure (PKI) only protects messages during transit, one way. While they are very robust technologies when it comes time to scramble your message and send them securely across the wire, it still makes use of basic e-mail routes (SMTP) to send your encrypted messages, meaning that it offers NO advantages other than security: it ONLY protects the content of your message ONE WAY.

ALL basic e-mail deficiencies still exist! The security and delivery status of your message is still uncertain. In addition, you are still limited by large file attachments, lack of video messaging, etc.

Since there is no way to enforce that recipients of your encrypted message use the same technique to reply to your message, PKI cannot be considered totally reliable. For non-technical users, PKI may be too complicated to use properly. As the recipients of your message decrypt it, (if they manage to figure out how), they are still able to reply to your message in an non-encrypted way. This defeats the purpose of the initial e-mail encryption!

Finally, PKI requires each user to exchange & manage security certificates with everybody they want to communicate with.

//Edited June 2009

Will my "organizational rules" still work?

Yes. Because Outlook rules act on messages, and because the email2 Toolbar allows Outlook to recognize secure email2 messages, there are no conflicts with Outlook organizational rules and secure email2 messages.

//Edited March 2010

Is a Private Email Network really private?

A Private Email Network (PEN) is a way for individuals or organizations to retain control of the information that they send over e-mail without adopting a whole new system of communication. We accomplish this by introducing a webservices based architecture, using an HTTPS protocol (128-bit SSL encryption – the same level of security used for online banking) to transport secure messages and attachments. This new architecture works in conjunction with basic e-mail, so users can continue using the same e-mail address and e-mail programs.

When you have a Private Email Network (PEN), you control it. You decide who belongs and who doesn't. When someone isn't a member of you PEN, they are completely locked out.

Access to your PEN is granted by means of a simple to use, lightweight email2 Toolbar for your existing e-mail client. If you do not want to install the email2 Toolbar, (or if your e-mail client isn’t supported), you can still make full use of email2 through the email2 Web Client – a secure, interactive web application that runs on all Internet browsers, Mac, PC and mobile devices.

//Edited November 2009