[Info] Encryption Function for Attached Files in E-Mail

https://www.ciphercraft.jp/news/news-1209/
*This will take you to the website of NTT TechnoCross Corporation.

Prevent breach of information by misdirected transmissions with the misdirected transmission prevention function

CipherCraft^®/Mail prevents misdirected transmission of emails and encrypts emails at the same time. It raises the awareness of personal email security, while also taking a systemic approach to raising the level of security for the entire company.

Problems of information breach by e-mail

CipherCraft/Mail is equipped with various functions that prevent information breach by misdirected or malicious e-mails.

Features and Functions of CipherCraft/Mail

1. User-friendly

Re-checking prevents inadvertent errors

A screen is displayed to allow the user to re-check email addresses and attachments before sending so that misdirected transmission of emails is prevented. This prevents accidental transmission of e-mails due to inadvertent errors.
A "Prevent Emails to Unintended Recipients" screen appears in each email software after the sending operation is set in process. The application also has a mail on-hold function that allows the user to abort a sent message.

Automatic password protection for attachments

This function automatically password-protects "Attachments," eliminating the time and effort required to assign passwords to "Attachments."
This function allows users to protect "Attachment(s) + Email body" and not just the "Attachment(s)."

2. Helpful for superiors

Superior can inspect subordinate's e-mail

The system automatically adds specific addresses, such as email address of a superior, to the destination (Cc, Bcc) for outgoing mails. This allows a third party, such as a superior, to check the content of the e-mail.
The superior can also send an email after confirmation.

3. Manager-friendly

We provide two applications—"Server Type" and "Client Type"

"Client Type" is to be installed on your PC and "Server Type" is to be installed on the CipherCraft/Mail server. This makes it possible to adopt a variety of deployment methods, such as starting small or deploying in a groupware environment.
It can also be used in conjunction with antivirus and mail archiving products.

Visualization of mail logs

The PDCA cycle can be easily implemented by identifying e-mail trends by organization and the effects of system implementation.

Misdirected email prevention and e-mail evaluation functions

A pop-up window for preventing misdirected email transmission^*1is displayed before the email is sent, prompting the user to confirm the destination address, body text, and attachments once again. The application automatically identifies the risk of misdirection. Misdirection prevention window is not displayed if the risk is low but is displayed when confirmation is required.^*2This increases the deterrent effect against getting habituated. (Patent pending) Three different screen designs are also available, which further increases the deterrent effect against habituation.

*1 Designed from an ergonomic perspective based on human behavior patterns that are prone to errors in transmission
*2 Can be achieved by using in combination with "CipherCraft/Mail Targeted Email Threat Protection

Encryption Function

When sending e-mail, the attachments are zipped and password protected. Attachments can be encrypted only when sent outside the company. Password notification e-mails can be automatically sent to the recipient, but only the sender can be designated as the recipient; this prevents information leaks from attachments in the unlikely event of an e-mail miscommunication. The encryption methods used are "ZIP", "AES", and the Japanese cipher "Camellia." The email body can also be encrypted. *Whether the email is to be encrypted or not can be selected as per each destination, which improves security without sacrificing convenience.

*"CipherCraft/Mail 7 for Microsoft 365" uses AES/ZIP for encryption and encrypts only attachments.

Automatic sending of e-mails to third parties

Automatically adds a specific address as the destination (Bcc or Cc) for a specific outgoing mail. This allows a third party, such as a superior, to peer review the contents of emails to see what kind of emails are being sent outside the company.
For example, this function can be used to peer-review only the e-mails of temporary employees.

Mail on-hold function

With this function, you can delay the sending of outgoing mails for a defined period of time. Delaying the sending of email allows the sender to stop sending the email upon noticing an error. This reduces the risk of misdirected emails.
*Only certain type of emails can be put on hold.

Approval from superior

[Approval before sending]

A third party (a confirming person), such as a superior, checks the sender's e-mail before it is sent, and the email is sent only if it is approved by the verifier. Only when certain keywords are present (e.g., "estimate"), the email transmission will be held until a pre-designated verifier checks the message. Cross-checking between the sender and the verifier increases security. More than one verifier can be registered. Assigning multiple verifiers ensures that the email confirmation process is not interrupted even if one verifier is absent.

[Approval after sending]

This function allows a third party, such as a superior, to confirm the content of a sent e-mail after it has been sent. This allows the third party to obtain a post-confirmation proof trail.

Review countermeasure policy by visualizing logs

From the CipherCraft/Mail admin panel, the operation administrator can obtain statistical information such as which organizations use attachments more frequently and how often they cancel sending. This information can be used to understand the effectiveness of countermeasures for misdirected email transmission and to identify organizations at high risk of misdirected email transmission, enabling early detection of risk seeds and proactive implementation of more effective misdirected transmission prevention measures.

No need for hassle of user management

User management of CipherCraft/Mail can be selected by the following two methods.

1. Managing each email address by linking it to countermeasure policy

• Integration with existing directories such as Active Directory and LDAP is also possible
• CSV format import available

2. Managing e-mail addresses by setting conditions (regular expressions)

• No need to manage user registration and changes to CipherCraft/Mail
• Automated policy sorting according to condition settings

Countermeasure policies can be enforced even for client type applications

The "CipherCraft/Mail" client type misdirected email prevention software can be configured in detail for each company in the configuration file to be used, and the administrator can enforce the countermeasure policy so that it cannot be changed individually.

The following can be set up all at once:

1. Automatic update of countermeasure policy

2. Automatic configuration of mail server

3. ON/OFF setting of misdirected transmission prevention function

• Setting keywords for keyword search
• Attachment confirmation settings
• "Trusted Domain" and "Number of Outgoing Messages" settings for destination evaluation
• ON/OFF setting of various send buttons for overall email risk rating

4. Various settings for password encryption

*CipherCraft is a registered trademark of NTT TechnoCross Corporation.
*All other company names, product names, service names, etc. mentioned herein are trademarks of their respective owners.