ZSentry Secure Self-Destruct

Already integrated with: MS Exchange Server, Office 365, Office, Word, Excel, Visio, Outlook, Outlook Express, and Windows Mail, Gmail & Google Apps, Apple Mail, iPad, and iPhone, Android, Thunderbird, and more.

ZSentry was selected in the 10 Enterprise Must-Haves by CIO Insight

The ZSentry Self-Destruct Module protects and self-destructs data with no action by senders or recipients, with release and expiration time control of a disclosure window. The technology also provides a forensic control perimeter, defined by the sender, enabling protection in three legal areas: infringement of copyright, breach of contract, and circumvention of a technological protection measure, to help prevent and control leaks. The data is provided by a user service such as email, webmail, SMS, IM, file storage, and single-sign-on.
I let our ZSentry mails self-destruct after a month, which also removes our license for reading even a copy of it, so that each Zmail enforces non-disclosure and reduces everyone's risk.

How it Works: The sender can set release and expiration times using the ZSentry Dashboard of ZSentry App, or Task Codes with Mail and Cloud clients. Access control is provided by single- or two-factor authentication, and can include access auditing. After authentication, users are allowed to read the target only within its retention time, and neither the sender nor the users are responsible for destroying it after it expires. After the Expiration Time lapses, the target's encryption keys are erased and the file is deleted. Senders can also set a Release Time, before which users cannot read the target. By reducing the available reading time (days, hours, minutes), senders can reduce the exposure risk as desired, which is coupled with legal copyright protection statements.

How about email continuity?
If the recipient uses ZSentry Client (e.g., with Outlook) the message is decrypted in the mail client and can be saved decrypted for viewing at any time. Again, the sender's copyright restrictions apply but this is likely not relevant within the same organization, for example.

Buy NowClick for prices or to request a quote.

The Problem

Simply by sending or receiving messages, all organizations archive email whether they realize it or not. The same happens with IM and SMS, and files.

Even if the recipient deletes the file or the email, retrievable copies of it may survive in many places, including in backup files, cache, and in hard drives sectors. Any regular email that is sent to you or by you may be copied, changed, and held by various computers it passes through as it goes from sender to recipient, and vice versa. Persons not participating in your regular email communications may intercept your communications by improperly accessing your computer or your parties' computers, or even some computer unconnected to either of you, through which the email passed even without your knowledge or consent.

Such default email and file archiving presents problems not only for regulatory compliance. The likely existence of such unknown (and unknowable) records makes it difficult to control discovery liability (inside and outside the organization), protect confidentiality commitments to third-parties, and assure consumer privacy rights.

Anyone with experience deploying email archiving systems also knows that the risk of email disclosure is accentuated by the reduced legal protection online when using cloud solutions.

Those are important reasons to limit liability from email archiving. Other reasons include preventing impersonation fraud ("identity theft"), harassment, coercion, blackmail, or just plain embarrassment.
Why would I need to set my message to self-destruct?

Email, IM, and SMS are the psychological equivalent of a voice conversation ... but may become the unfortunate legal equivalent of a written conversation. Thus, it is even more important than with phone conversations to limit email liability caused by the risk of disclosure and leaks. And, remember, information will out.
A common legal advice recommends deleting all email after 30 days. With conventional IT, however, just deleting an email will not work. Every email or attachment you send over a computer network is copied (and perhaps even backed up) on many different computers, without your explicit knowledge and consent. And conventional file deletion methods can often be reversed.

Encryption also does not help at the end point where, in order to be seen, the information is no longer encrypted (e.g., the recently leaked diplomatic cables were encrypted). And even if one cannot download it to a USB stick or CD, a simple phone camera can get a copy, which image the user can immediately send or delete (so it does not show up upon examination) and then retrieve the deleted file later. Or, the user can just memorize the information and leak it later.

The Solution

The security technology ZSentry takes all these aspects into account. Since what's missing here is reliance on the law and on the people to protect privacy, ZSentry adds a reliance framework on behalf of the sender and combines it with technology to make it effective. The function of the reliance framework is to restrict and eliminate the legal basis to use the information outside of the conditions defined by the technology, which reflects what the information owner (e.g., the sender) wants.

The reliance framework used by ZSentry Self-Destruct includes copyright laws, which are well-established and effective worldwide. In general, anyone who does something that infringes copyright is legally liable. Someone who instructs someone else to do something that infringes copyright may also be liable, as may the organization that employs them.

ZSentry, therefore, uses technology to go beyond technology, with a self-destruct function that includes an effective combination of technical and legal protection in three areas: infringement of copyright, breach of contract, and circumvention of a technological protection measure.

The command to expire is clearly noted and also provided with US and international legal support by notifying the reader that the message is copyrighted and that the sender only allows reading during its retention time. Therefore, if someone wants for example to take a picture of the message, then using that picture after the expiration could be considered a breach of copyright and illegal circumvention of protection. While the first motivation is to reduce exposure, the second is to provide a legal recourse in case of exposure. You now have a legal framework that is setup by technology and which you can rely upon to protect your privacy, and there are many large interests around copyright (e.g., the film and music industry) that will likely desire to keep it in place for a long time.

After expiration there is no residual technical risk, as keys are deleted. This automatically makes the respective ZSentry Mail unreadable, including any copy, anywhere. Because self-destruct happens after a point in time that was known beforehand by all parties, any claims of intentional destruction should be void.

Before expiration, any attempt to breach access security of your protected email is immediately logged and traced, and you can be notified as well by requesting that a Return Receipt be sent to you.

In summary, with ZSentry you can actually eliminate the disclosure risk of email, webmail, SMS and IM by properly setting your message to self-destruct. While the received message expires and is no longer readable, you can set ZSentry to send you an encrypted archive copy does not expire, using the Secure Vault Module.

What happens before expiration? The message is encrypted and any attempt to breach access security of your zmail is immediately logged and traced. You can be immediately notified as well by requesting that a Return Receipt be sent to you.

In summary, ZSentry Self-Destruct can help your organization prevent and control leaks Anywhere, Anyway, in desktop, cloud, web and mobile technologies, using a unique combination of technical and legal measures.

Do you worry about cloud computing security? Client and servers vulnerable online?
NMA ZSentry is a next-generation security technology that long at last allows server- and client-security to become less relevant. NMA ZSentry eliminates attack targets in servers and clients, such as usercodes, passwords and user keys, which keys are used to encrypt and de-identify user data. With ZSentry, only upon login with the correct usercode and password (which are not present in the server or client) can the user files be identified, decrypted and read.

Main Technical Notes
Overview   Key Features   ZSentry App   ZSentry Client   API   Smart IT   SAML & SSO
  Security   Usability   HIPAA & HITECH   Experience   Why ZSentry?   Red Flags   SUMMARY

Development and © by NMA

*Trademarks and Copyrights as described in our Legal Statement. We protect Your Privacy.

Microsoft and the Office logo are trademarks or registered trademarks of Microsoft Corporation;
Google Apps, Google Apps Marketplace, and Gmail are trademarks or registered trademarks of Google, Inc.;
in the United States and/or other countries. Other marks are the property of their owners.