The question I haven't seen answered is what phase needs to be secure? If you're just concerned about traffic on the wire, then Server to Server TLS would work fine. If you're concerned about guaranteeing that the message is only accessible to the recipients, then you need to look at something like S/MIME.
Thanks, Brian Desmond [email protected]<mailto:[email protected]> c - 312.731.3132 From: Tom Miller [mailto:[email protected]] Sent: Friday, March 04, 2011 11:31 AM To: NT System Admin Issues Subject: Re: Seeking secure e-mail options Good points. The message contents need to be encrypted since they will house patient/clinical/financial information. Not sure about signed. If we do TLS on the gateway, then server-to-server communications would be encrypted. I can't say too much else about requirements, since there is a state committee looking into this and I thought I'd ask your opinions. But we do need something that will be fairly easy for the sender and recipient, fairly easy to configure and manage. And something that isn't "Exchange-centric", for example. Tom >>> "Andrew S. Baker" <[email protected]<mailto:[email protected]>> 3/4/2011 >>> 12:10 PM >>> Please define "secure email". Does individual messages need to be encrypted? Do messages just need to be signed? Does server-to-server communications need to be encrypted? There are lots of ways to do this, and depending on your requirement, this can be a breeze (use TLS between servers) or ridiculously complicated (PGP between clients) or somewhere in between (TLS + S/MIME) ASB (Find me online via About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Fri, Mar 4, 2011 at 8:35 AM, Tom Miller <[email protected]<mailto:[email protected]>> wrote: I'm looking for suggestions on secure e-mail. I have a Barracuda which can do some sort of verification, but I don't think that's what is needed. Like agencies in my state are looking for secure e-mail options so we can send clinical data to each other. I'd prefer something that is autonomous to whatever e-mail system is used, since other agencies may be Exchange or other e-mail products. We don't use Exchange here. Suggestions appreciated. Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
