NMA ZSentry API / Forms

Now we have HIPAA compliant web forms on our website, and fully automate the encryption of form responses back to the office using ZSentry. It was easy for our website developer to integrate with our website.
ZSentry APIAdds secure Forms, Mail and Single-Sign-On in servers
Easy to write code that uses it
Powerful to satisfy HIPAA, Safe Harbor & more
For client use, see also ZSentry Client

Already integrated with: Microsoft C#, .Net, Exchange Server, and Office, Java, PHP, HTML web forms, mail clients, and more. For an overview of the ZSentry complete offer, see what's inside.

The API is a server- and client-side ZSentry engine with SSL/SMTP send and receive connectors. Works in any OS. No download. No plugins. No requirements on any existing plugins. No installation.
I need to spend a little time customizing the "skin" and what things say, but I have things working. We think this service will add significant benefits to our application and users.
Pricing: Included with one-year or longer user license, for example to use with a web form. For high-volume or special applications, please Contact Us >>

Purpose: Often, enterprises build custom applications using a framework such as Office, .NET, Java, or others, in various servers and hosts, extending functionality. Enterprises also often use functionality already built-in, and customize it for a particular business process. Customized functionality usually involves sensitive data, for the enterprise and customers.

The server-side ZSentry Application Programming Interface (API) allows your custom office application or process, running in hosts or servers, to connect to ZSentry. You can then easily access the ZSentry “bare metal” API for maximum flexibility & performance. For example, an Office or .NET application can be triggered by some event to send a confidential ZSentry message to a group of users, some by secure email and others by secure SMS, and also save it in a secure file. The API works with all ZSentry editions: Desktop, Web, Cloud, and Mobile.

Get to Market Faster: With the ZSentry API, it is easy to send and receive secure data when using custom applications. ZSentry API is also easy to learn, easy to use, hard to misuse, easy to write code that uses it, and sufficiently powerful to satisfy HIPAA, Safe Harbor & other requirements. You can contact a ZSentry Certified Partner or do-it-yourself. We offer developer programs to help integrate the ZSentry API (ZAPI) with your applications, allowing your users and customers to easily comply with privacy regulations, including HIPAA and HITECH Safe Harbor. Please Contact Us for information on available developer programs.

Customer Controlled Operation: To comply with ITAR and financial services regulations, for example, customers may require exclusive control of information. ZSentry API also works with ZSentry Director, which provides local data handling of all plaintext and first-layer security keys.

How it Works: Developers can connect a system to a ZSentry engine for encryption/decryption directly or through a message service or application, using SSL SMTP, automatically. ZSentry can also send the resulting secure emails using its own SMTP server, without requiring SSL, or use another resource as a mail relay with or without SSL.

With the ZSentry API, developers are not limited to use HTTPS with ZSentry App. Applications can also connect using SMTPS (SMTP over SSL, also called implicit SSL) on TCP port 465.

With port 465 there is no ZSentry data exchange without SSL, including the ZSentry Username and Password data. Contrary to the submission port 587 with STARTTLS where the connection changes from non-SSL into SSL, port 465 has SSL-at-connect required. We prefer port 465 because every connection is encrypted from the start, preventing problems such as the SSL bridge attack (a well-known problem also for web browsers).

We tested servers with the dovecot/postfix Debian implementation and, without any errors, against many clients including Outlook, Outlook Express, Windows Mail, Apple Mail, Entourage, and Thunderbird, on Windows XP, Vista, Linux, and Mac OS X.

Benefits:
The ZSentry Client Benefits and also:
  • Automates your solution to send secure messages and enforce your policy rules before any message leaves your facility.
  • Allows you to define per-message, per-device, local, and global rules that are centrally-managed and -audited.
  • Lets you automatically create and send secure, personalized form-letters directly from Word and other programs, using your local templates and database.
  • Automatically integrate and save/send data securely to/from different applications and different sources.
  • Easily create on-the-fly secured-access data views according to "need to know" and clearance level.
  • Send personalized confidential records (such as lab results, investment positions, medical appointments) in automatic compliance with HIPAA and other privacy regulations.
  • Use ZSentry Mail (Zmail) and also other ZModules as needed such as, for example, Secure Forms and Secure Vault, from/to any platform.
System.Net.Mail: Microsoft has declared in the MSDN developer network that SMTPS support for port 465 SSL/SMTP will probably be added as part of a service pack or major release. Meanwhile, developers who are using .NET classes can use a third party plugin (for example, by Rebex) that does SMTPS with port 465 for SMTP in .NET. Alternatively, if your .NET code runs in a Microsoft platform, you can also use Microsoft CDOSYS (Collaborative Data Objects, Cdosys.dll). CDOSYS will allow you to bypass the missing support for SMTP using implicit SSL in System.Net.Mail. CDOSYS has been in all Microsoft operating systems since Windows 2000 and is considered better and more stable than System.Net.Mail. Both methods have been tried by independent developers and work well with the ZSentry API.

Exchange Server: Since 2000, Microsoft Exchange Server extensively uses standards-based SMTP, the same standard used by ZSentry. You can define SMTP connectors in Exchange, both sending and receiving, using SSL and port 465. Exchange SMTP connectors are fully compatible with the ZSentry API. ZSentry can work with Exchange, through Exchange, and directly with clients. You choose which model to use. For example, depending on who you are sending to, you can select to use Exchange as a non-SSL mail relay, to send the message after it is encrypted by ZSentry. Or, you can select to send in SSL to Exchange, which then defines whether or not to encrypt using ZSentry, and how to send it, all based on some policy you defined in Exchange.

Use Now: Request a Support Ticket for information on licensing and using the ZSentry API.

Developer Connection: We have two license programs for developers:
  1. ZSentry Lab: This is a cost-free program, where upon approval of your request we provide one Courtesy Premium account, help with your development as possible and, in return, ask that you share with us code snippets that work for you, for example in connecting to the API, for the benefit of other developers.
  2. ZSentry Works: This program provides you with tools, service, and help to more quickly integrate ZSentry with your products, allow your customers to easily use ZSentry services, and comply with HIPAA and HITECH Safe Harbor regulations. The ZSentry Works program costs a one-year charge of $200.00 and offers your organization up to 2 Premium accounts with One-Year Licenses ($158 value), priority response with Support Tickets, access to custom software testing, logs and debug reports, and early access to beta features. These ZSentry applications may have additional methods provided by ZSentry and also by your organization.

Please Contact Us and let us know which developer program you prefer.

Commercial license, reseller, and distribution terms are independent of the Developer Programs, and can be provided at any time. Click Partner ConnectGo

Main Technical Notes
Overview   Key Features   ZSentry App   ZSentry Client   API   Smart IT   SAML & SSO
  Security   Usability   HIPAA & HITECH   Experience   Why ZSentry?   Red Flags   SUMMARY

Development and © by NMA

*Trademarks and Copyrights as described in our Legal Statement. We protect Your Privacy.