HIPAA and Safe Harbor Compliance
ZSentry supports High-grade Encryption (AES-256, 256 bit keys), X.509/PKI server-authentication, and uses an
SSL (Secure Sockets Layer) Server Certificate with online certificate status validation.
All ZSentry SSL pages must begin with https://zsentry.com/
The zsentry.com SSL Server certificate must currently have the values given below.
SSL Server Certificate issued to:
Common Name (CN): zsentry.com
Serial Number: 0B:23:2D:F0:DB:AB:72:1A:0B:AF:FB:E9:6D:42:08:26
Issued by: Thawte SSL CA
Expires on: 12/17/2013
Supports: High-grade Encryption (AES-256, 256 bit keys)
ZSentry provides end-to-end security with per-message encryption, access control, and 24/7 auditing.
Only you have your ZSentry Usercode and Password,
they are not stored by us,
and we do not know them. There are no password or usercode files that could be targeted anywhere. We call this
unique property Sans Target, which is used by ZSentry also to protect your user-keys and user files.
HIPAA and HITECH Safe Harbor: compliance is provided as specified in the ZSentry Compliance Statement.
Single-Sign-On, Mail, and Web: ZSentry is available through SSL/SMTP and HTTPS, and is securely
integrated with Single-Sign-On, Mail and Web use with Google Apps, Gmail, Outlook, web browsers, and other clients.
Add-ons and plugins are not used.
ZSentry and ZSentry Mail (ZMAIL) use standards-based Secure Sockets Layer (SSL)
for secure transactions. Information exchanged with an address beginning with https is encrypted using SSL before transmission. SSL
applies encryption between two communicating applications, such as at your PC and at our secure Internet server, authenticated at
our server end. When your data is transmitted over the Internet, it is encrypted at the sending end and then decrypted at
the receiving end.
ZSentry goes beyond SSL
Why can't I just use SSL to protect my email?
Email is a message not between one client and one server but
between your client and another client, with possibly several independent servers, routers, caches, buffers,
content analysers, traffic analysers, monitors and storage devices in-between, including humans. SSL cannot
protect your email message from client to client, and cannot prevent spoofing, phishing and pharming.
Your email message needs to be protected end-to-end, so that no one can eavesdrop, tamper, fake, spoof, or even
automatically scan and index information from it. In addition, ZMAIL protects your message at the end-point with control features including Release Time and Expiration Time (Self-Destruct Email).
Read more: ZSentry Spoofing, Phishing, Pharming and Spam FAQ