Secure Mail

Secure Mail helps ensure encryption of highly sensitive information sent via email. Access to this service is provided to staff and faculty in departments who regularly deal with highly sensitive information.  If you have a business need to send highly sensitive information and have not been enrolled in this service, please send email to infosec@nd.edu to request access.

Using Secure Mail With Gmail
Using the Web Interface as a Secure Mail User

Using Secure Mail With Gmail

Secure Mail helps ensure encryption of highly sensitive information sent via email. Secure Mail will be activated automatically and, with the exceptions noted below, does not change the way you send and receive email with Gmail.

There are three situations in which your email messages might be encrypted by Secure Mail.

  1. You manually encrypt your message and/or attachment.
  2. You include a social security number in the email/attachment you’re sending.
  3. You include a number(s) that is identified by Secure Mail as a potential social security number in an email/attachment you’re sending.

In the future, other highly sensitive information may also be detected and encrypted by Secure Mail.

Scenario 1 (Manual Encryption):

If you’re sending an email and would like to ensure the information is secure, type [encrypt] in the subject line followed by the subject of the email you’re sending. The person receiving your message will see only the subject you intended because [encrypt] will be automatically removed by Secure Mail.

***IMPORTANT*** The brackets around encrypt are necessary in order for Secure Mail to know when to manually encrypt your message. See example below.

Example 1a--Sender: Because this message has [encrypt] in the subject line it will be encrypted by Secure Mail.

secure mail example 1a image

Example 1b--Recipient: Notice that when receiving an encrypted message, [encrypt] is not visible in the subject.

example1b smart mail image received message

Scenario 2 (Accidentally Sending a Social Security Number):

In scenario 2, you accidentally send an email or attachment to someone that contains valid social security number(s), along with an identifier like SSN or Social Security #.  After you send the message, you will receive an email from Secure Mail notifying you that your message was identified as having an SSN and was encrypted.

***IMPORTANT*** Delete the message from your Sent Mail folder so you are not storing social security numbers in Google.

Example 2a--Sender: You are alerted that the message you sent was encrypted.

SSN detected image smart mail

When the recipient opens the message, the sender will get a notification email letting the sender know the message has been viewed.

Proofpoint Encrypted Notice

Example 2b--Recipient: As a recipient of a secure message, you will receive an email with a link and an attachment. You can click either the link or the attachment to view your secure message. Please Note - It may take a couple of minutes for the Click here link to work, but clicking the attachment will work immediately.

Recipient Notice Smart Mail

Scenario 3 (Secure Mail detects a possible Social Security Number):

In scenario three, if you attempt to send a message or attachment that Secure Mail identifies as possibly containing a social security number, you will receive an email from Secure Mail that will ask you to take additional action. You will be given three options:

  • Send: Encrypts the message and sends it
  • Send Unencrypted: Sends the message as is, without encryption
  • Block: Cancels sending the message

Example 3--Sender: Choose the appropriate option (Send, Send Unencrypted, Block) under Action.

Detected Possible Ssn Smart Mail

***IMPORTANT*** If the email contains a Social Security Number, delete the message from your Sent Mail folder so you are not storing social security numbers in Google.

If you have any questions regarding Secure Mail, please contact OIT’s Information Security department at infosec@nd.edu or 574-631-3888.

Using the Web Interface as a Secure Mail User

When your Secure Mail account is created you will receive a welcome email from Secure Mail informing you that your account has been created.

Secure Mail Account Created Notice

The welcome message contains a temporary password that will be used for your account.

When you follow the Manage My Account link, you will be prompted to enter your temporary password. Once your temporary password has been verified will need to create a new password.

Note: This password is not connected to your NetID password.

secure mail change password

Your new password must meet the following password requirements:

  • Contain at least 12 characters total
  • Have a digit (0-9)
  • Include a special character ( !@$%^&*()[]_+=~)

Once you have successfully logged in, you are shown all the encrypted messages you’ve sent. You will not be able to see the body of the messages, only the recipient and subject.

Secure Mail List Of Messages

With this interface you will be able to perform the following actions:

  • Revoke Message: This will remove access by the recipient to the message even if the recipient has already viewed the message.
    • ACTION: Simply check the box on the row of the message and click Revoke.
  • See if a message has been viewed: If the envelope is opened it means the recipient has viewed the message.  
  • Set an expiration date for the message: By setting an expiration date, the recipient will be able to view the message for only the amount of time you specify.
    • ACTION: To set the expiration, you must first select the message, then Edit Expiration.

      Secure Mail Expiration

       

If you would like to log into the web interface and you no longer have the welcome message, the link is: https://0014ec01.pphosted.com:10020/euweb/login

If you have any questions regarding Secure Mail, please contact OIT’s Information Security department at infosec@nd.edu or 574-631-3888.