Cloud Data Privacy and Security
ZSentry addresses user and cloud provider trust concernsZSentry provides secure and HIPAA compliant methods for automatically addressing user and Cloud provider trust concerns, albeit the degree of automation may vary with the interface and options that you choose to use.
For examples, touch to expand:
Can I prevent Google from reading my Inbox? Can I prevent Google from reading my sent mail?
Secure first contact is a business-critical capability provided by ZSentry. Senders can choose how to protect their messages as well as their delivery. For example, in the most simple case that the sender can choose, ZSentry collects more and more varied evidence than the Postal Service when delivering mail. While in the simplest case the recipient only has to click to access the message, before the message is read ZSentry will authenticate the device and the mailbox, timestamp the connection in reference to the US NIST, obtain evidence that the recipient owns or controls the password to access that mailbox, record the message's fingerprint and also how and where the message was accessed, request identity confirmation from the recipient (as a legally valid declaration, protected by US copyright law), and make available other auditing records, such as when the message was sent and when it expires.
Regarding creating and protecting a copy of the sent file (HIPAA archival copy), the ZSentry for Google interface can provide this service automatically by using the included ZSentry Secure Vault service. For each secure email sent, ZSentry creates an encrypted and access-controlled copy of the sent file, which can be sent for storage in Google or anywhere else without any HIPAA concerns, and can be retrieved / read securely also when using Google's web interface.
Regarding any temporary storage files of unencrypted plaintext, ZSentry provides HIPAA compliance with Google Apps and Gmail, according to the interface and options you choose to use. What may not be covered by automation can be covered by policy.
The ZSentry App, ZSentry Client, and ZSentry API interfaces offer higher automation with Google and no need to trust the user or the Cloud provider, whereas the ZSentry Cloud interface (used with the Google web interface) is also subject to the policy items and considerations listed in the ZSentry + Google How-To »
Regardless of any interface used with ZSentry for a Cloud provider, the message will be sent automatically with end-to-end encryption satisfying HIPAA and Safe Harbor rules.
If retaining local data merging, local scanning, cross-platform communication, and physical data control are important to your organization, you can use ZSentry to get Cloud benefits and email service without sacrificing your data control needs. With ZSentry you can, for example, use Google Apps without ever enabling access to plaintext copies of your messages, as they will not be stored (even temporarily) in a folder or cache in Google, store or sent online unencrypted. If your Cloud provider has an outage, you can still send secure email using your own address. Read more at ZSentry for Mail clients
Device / Apps for Cloud useZSentry can work securely in the Cloud with multiple choices of devices and apps. Click to view device / app choices »
Solutions for CloudZSentry creates and enhances Cloud solutions. Click to view Solutions »
|Main Technical Notes|