Reducing the Risk of Email Data Leaks
What is Smarsh?
Smarsh is an email security service that utilizes TLS encryption technology to prevent sensitive email data from being intercepted by a third party. Industry regulators such as FINRA and the SEC require firms to use email encryption to ensure compliance with security, content retention and oversight obligations.
Most email domains had been supporting TLS and encrypted communications were seamlessly decrypted without any additional steps. Recently however, some of the major domains have stopped supporting TLS encryption. This forces secure emails to now go through the Smarsh secure portal. Many have found this process to run smoother when using the Outlook desktop application or the iCloud and Gmail platforms, but protocols can change periodically so this might be temporary.
How does Smarsh work?
When a recipient replies to an encrypted message through the website interface, the message is sent using an encrypted connection to Smarsh Hosted Services servers. Smarsh Hosted Services servers have the appropriate software installed to decrypt the email so that the recipient won't need to use the Web Portal to read the email, but instead can read it using Outlook or Outlook Web App. When a desktop Outlook application connects to Smarsh Hosted Services Exchange server to view email it uses a TLS-encrypted connection, so the message cannot be intercepted by a third party.
Important: If the recipient replies to the encrypted message from Outlook or OWA, it will not be encrypted automatically. It will only be encrypted if the encryption policy is triggered.
What triggers an encrypted email?
When an email is sent with an attachment, a calendar invite or text that includes sensitive information, it will be encrypted.
What are the requirements to set up a Smarsh password?
- Length (14-64)
- Lowercase Letter
- Uppercase Letter
- Special Character (!$#&%,etc.)
I'm having trouble, are there additional resources?
This link provides a comparison chart of email hosts currently utilizing TLS encryption, providing a more seamless experience. Please note this is subject to change: https://en.wikipedia.org/wiki/Comparison_of_webmail_providers
A walk through for the account opening and password selection process: https://kb.smarshmail.com/Article/47571
A video tutorial on how to retrieve Smarsh encrypted messages: https://vimeo.com/281530377