1

Email Encryption

2

Threats To Sensitive Data

3

Client Systems

Corporate Mail Server

Recipients’ Systems

Recipients’ Mail ServerEmail at

RiskEmail at

RiskEmail at

RiskEmail at

RiskEmail at

Risk

In Motion

Email is Vulnerable at Multiple Points—SSL/TLS Security Alone is Not Sufficient

Email Resides at Multiple Points

Internet

Where Is Sensitive Data At Risk?

5

% o

f Org

aniz

ation

s

0%

35%

<$10,000

15%

20% 21%

10%

33%

5%

10%

15%

20%

25%

30%

Cost

Up to $50,000

Up to $100,000

Up to $500,000

More than $500,000

Source: Osterman Research Email Security Trends 2008

Cost Of Email Or IM Data Breach

Risk Posed By Various Communication Media

6

0%

60%

Voice-over-IP(VoIP)

Telephony

45%

20%

31%

56%

19%

10%

20%

30%

40%

50%

Communication Media

Enterprise Instant

Messaging

Wireless Voice (Cellular and Text

Messaging)

Wireless Data

Email

51%

Consumer Instant

Messaging

% R

isk

or S

igni

fican

t Ris

k

Source: Osterman Research Email Security Trends 2008

7

Email Encryption Laws

NevadaOn October 1, 2008, the law prohibits any business

in Nevada from sending a customer’s personal information through an electronic transmission—

except via fax—unless the business uses encryption to ensure the security of the

transmission.

The law stipulates that all email, website, and other forms of Internet based communications that involve the personal

information of customers must be encrypted.

8

Email Encryption Laws

MassachusettsOn September 22, 2008, the state of

Massachusetts released the final Massachusetts Regulations (201 CMR 17.00). Those regulations,

effective March 1, 2010, are the most comprehensive encryption requirements imposed

on companies by any state

The Regulations require companies to encrypt all personal information transmitted electronically or

wirelessly. In Massachusetts, businesses must also encrypt all personal information stored on laptops and other

portable devices.

9

PGP Desktop Email

10

Automated End-to-End

Email Encryption

Maintain Corporate Access to

Encrypted Data

Protect Intellectual Property,

Customer Data, and Brand

Equity Secure and Simple

Email Protection

Group Test: Email Security

“PGP® Desktop Email continues to set the standard for pure email security in an enterprise environment… We rate it our Best Buy.” 2008

PGP Desktop EmailAdvantages

11

Email at Risk Email at Risk Email at Risk

In Motion Recipients’ Systems

Recipients’ Mail Server

Email at Risk Email at Risk

Client Systems

Corporate Mail Server

Internet

End-to-End Email Encryption ProtectsEmail in Motion and at Rest

PGP® DesktopEmail

PGP® DesktopEmail

PGP® SupportPackage for BlackBerry®

PGP® DesktopEmail

PGP® DesktopEmail

PGP® SupportPackage for BlackBerry®

PGP Desktop EmailHow It Works

12

Management Server Sender Recipient

Easy, Automatic Operation

Enforced Security Policy

End-to-End Encrypted Email

PGP Desktop EmailDeployment

13

Secure Business Communication

Automated, End-to-End

Email Encryption

PGP Support Package for BlackBerry Advantages

Centralized

Management and Policy

Enforcement

Multi-layer Defense

for Customer Data

14

PGP Support Package for BlackBerry Deployment

BlackBerry® Client Recipient PGP Universal™ Server BlackBerry® Enterprise Server

Logs, Policy, Keys

Enforced Security Policy

Easy, Automatic Operation

Reduced Operational Costs

15

PGP Universal Gateway Email

16

SC Magazine: Best Buy

Protect Intellectual Property,

Customer Data, and Brand

Equity Centralized Management, Deployment,

and Policy

PGP Universal Gateway Email Advantages

Expand as Needed

Flexible Clientless

Email Delivery Options

“PGP delivers a top-notch encryption gateway that is easy to use and contains excellent policy enforcement features. Setting up the Universal server was incredibly easy. The interface is very intuitive and is one of our

favorite interfaces.” 5 stars, March 2010

17

Email at RiskEmail at RiskEmail at RiskEmail at Risk Email at Risk

Internet

PGP Universal™ Gateway Email Secures All Communications

PGP® Desktop

Email

PGP Universal™

Web Messenger

PGP® PDF Messenger

PGP Universal™ Gateway Email

+PGP Universal™

Server

Recipients’ Systems

Recipients’ Mail ServerIn Motion

PGP Universal Gateway Email How It Works

18

PGP Universal Gateway Email Deployment

Desktop Client PGP Universal™ Gateway Email Recipients

Enforced Security Policy

Easy, Automatic Operation

Reduced Operational Costs

19

PGP PDF Messenger

21

ReduceCost and

Accelerate Process

Protect Intellectual Property,

Customer and, Brand Equity

PGP PDF MessengerAdvantages

Increase Your Competitive Advantage

Guarantee Secure

Document Delivery

SC Magazine: Best Buy

“The administrative interface is very slick. The centralized, yet granular, policy management – via Universal Server – makes integration into the enterprise easy to accomplish. Encryption and signing

internal emails is completely transparent to both parties, with a choice of using S/MIME or OpenPGP. External users without an encryption client can receive messages via

a Webmail interface or PGP’s PDF Messenger.” 2008

22

Email sent to recipient—no special action taken

by sender

PGP PDF MessengerHow It Works

PGP Universal Gateway Email processes email and applies

policy, then sends as password-protected PDF

(message not stored)

Recipient receives email; opens secured message with

PDF reader

Desktop Client PGP PDF Messenger Recipients

1 32

23

Recipient receives email; directed to authenticate and retrieve passphrase

User opens PDF with password from PGP Universal

Gateway Email “receipt”

PGP Universal Gateway Email displays Secured PDF password; logs “receipt” of delivery

PGP PDF MessengerHow It Works (Certified Delivery)

Desktop Client PGP PDF Messenger Recipients

1 2 3

24

Just to name a few…

ExamplesSecure Statement Of Delivery

25

PGP Desktop Email 10.0PGP Mobile Email 3.0Updates

26

Outlook Encrypt & Sign Buttons (DTE)

Description: - New Encrypt and Sign buttons on Outlook* to allow users manual control

Benefits:- One click security options- Enables compliance with digital signature laws- Increases options to protect sensitive data- Allows companies to hold individual end users

liable- Enables legally binding digital signatures

* Outlook for Windows onlyNOTE: GWE has manual options for users ([PGP], Important flag, on client Outlook lock or other icon can be coded in

27

Description: - Adds 2 new offline policy options

-send unencrypted** or -use latest locally cached policy*

to existing block** messages policy

Benefits:- Enables policy enforcement when offline- Emails can be sent when offline- Per user group options

* Managed DTE only** Managed and unmanaged DTE

Enhanced Offline Mail Policy (DTE)

28

Description: - Adds timing options for log uploads

and policy updates

Benefits:- Improved performance - Increased options and control- Increased # of clients Universal

Server can manage

Enhanced Policy Update Options (DTE)

29

Description: - Adds Lotus Notes native encryption option for

internal email traffic- Architecture enhancements

Benefits:- Improved integration and encryption options

in Lotus Notes environments - Improved performance & functionality

- By leveraging latest LN APIs

Lotus Notes Enhancements (DTE)

30

Description: - PGP Universal Server decrypts archived

encrypted email

Benefits:- Enables compliance with company archiving and regulatory requirements- Multiple archiving options after decryption

Archival Output Of Encrypted Emails (DTE)

31

Description: - Universal Server now has a user

interface for PGP Mobile management

Benefits:- Convenience; easier to manage

UI For Management Of PGP Mobile

33

Existing Infrastructure

PGP Encryption Solutions

PGP Encryption Platform

3rd Party Solutions

Custom Applications

Commercial Software

Commercial Hardware

EmailFile Disk and Device

MainframeMobile Devices

PGP Encryption Platform

Key Lifecycle Key Storage Authentication / Authorization

Automated Operations and Provisioning

Policy Management

AuditingReporting Logging

Thank you!

Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Thank you!

34

Sisoftbiuro@sisoft.pl+48 12 443 14 07