ZSentry is the only security that lets you do what you want.™How to search the FAQ? The site? (tap to expand)
Mobile optimized: This site may load or display certain page segments only by demand, in order to make your experience faster and more usable especially in cell phones. This needs to be taken into account if you want to search a page or the site.Top Answers:
FAQ search: To search within this FAQ page, find the link below that says "Click here to read all answers" and click it. Then, use the search function in your Web browser (usually, Ctrl-F) and search what you want.
Page and site search: To search any other page, do the same. To search the site, first go to your preferred search engine. Most Web browsers today incorporate the search function at the top of the page, or with a mouse right-click after word selection. Then, type what you want to search followed by our mark ZSENTRY.
Improved: For improved relevance in site search, please click Submit Search and send your request to us. Please add any comments that you think may be useful.
NMA ZSentryCan ZSentry encrypt my email and attachments? Files?
Yes. Messages, attachments and files are encrypted end-to-end and they are never at rest at ZSentry. The users hold the keys to decrypt and there is no key copy anywhere else (not even encrypted or hashed). Also works for secure webmail, secure SMS (texting), local and cloud archiving, phones, and more.How do I send/receive ZSentry Mail?
For sending/reading encrypted email and SMS using the Web, and to create a personalized Web Portal for your recipients, you need only step 1 below. To use phone, GMail, or Mail clients (as easy to use as regular email), follow through step 3.
ZSentry works with whatever you have, as follows:Can I personalize ZSentry?
Decrypt, Read, Reply, and Save: You receive the secure message in your regular Inbox, encrypted. Follow the message instructions. Usually, just click the secure link -- where the link MUST begin with https://zsentry.com/. For added security, you can copy the link and paste it in the location bar of your web browser and then (visually or automatically by a white-list control proxy) make sure that the link begins with https://zsentry.com/ before you use the Enter or Go key in your device. Your actions will also decrypt and load any attachments.
Encrypt and Send: With ZSentry Client (*), your use your own Mail client to compose the email and load attachments, then you select the secure account (ZSentry) in your device, and touch Send. With ZSentry App(*), you use a Web browser to compose the email and load attachments, then touch "Encrypt & Send". In either case, that's all! The email will be encrypted and sent according to your account's ZSentry Dashboard settings, which you can personalize. Some devices may require setup.
(*)You use ZSentry App just with your Web browser. You use ZSentry Client with a Mail client (Outlook, iPhone, Android) or a Cloud client (GMail, Google Apps, Zoho, FastMail).
Read more: Sign In instructions»
Yes. The organization or users can personalize their configuration profiles (Dashboard), defining how ZSentry sends secure email and what is required from recipients according to their access class. The users' configuration profiles are individually encrypted. In their domain, organizations may centralize and lock their users' personalized choices.Can I use ZSentry for HIPAA compliant forms on my website or by email? What is ZSentry? Zmail?
Before you personalize, please note that ZSentry is already provided "out of the box" with a Default HIPAA-compliant configuration that improves usability. The configuration is auditable, with access control by means of automatic mailbox and end-point authentication, login monitoring, and expiration control. It enables secure first-contact and reply (Secure Quick Reply) with verified recipient online identity, without requiring the recipient to register. To enable Secure Quick Reply, the Expiration Time is set by default to 15 days (and should not be more than 31 days).
Read more: ZSentry Dashboard »
GMail and Google Apps users: See also ZSentry for Google How-To »
ZSentry provides end-to-end encryption and two-factor authentication where the user and not ZSentry or a provider holds the keys. ZSentry works two-way with whatever solution you and your recipients use, with no changes.Why would I need ZSentry?
ZSentry is a bit different. ZSentry does not store your password anywhere. Zero message scanning, changes, or download. Your ZSentry-secured solutions will feel exactly like what you use today on the desktop and phone, and your recipients' solutions will also benefit from your use of ZSentry and yet feel exactly like what they use today. For example, using any mix of email, webmail and SMS (texting). And you can do secure back-and-forth with multiple recipients each using their own platform, even if they are not ZSentry users, send and receive attachments, store files securely, and much more.
ZSentry works with the devices people already own and love, with no changes for anyone while everyone gets more value from what they have. When you or your organization use ZSentry, you immediately get more utility and usability with certified HIPAA and security compliance for your apps and services across every platform. Your correspondents also get the same benefits, at zero added cost, with FREE Secure Read & Reply for your recipients.
With ZSentry, your data is protected by end-to-end encryption, onsite, online, and at rest. The user and not ZSentry or a provider holds the keys. ZSentry was tested and is CHPL certified as a Health IT EHR Product providing ARRA, HIPAA and HITECH compliance; also complies with Safe Harbor, GLBA, SOX, and other regulations.
Click Quick Start Guide»
Click to learn more with your FREE Trial»
- On the NMA ZSentry architecture, click Network Middleware Application»
- For follow-up questions, click Questions»
Zmail™ (ZSentry Mail™) is the secure Mail function of ZSentry™ (NMA trademarks since 2001).
With cloud services, anything with HIPAA-protected information that people send, save, share or use (including Mail, Drive, Docs, Spreadsheet, Texting, Projects, and Calendar) has to be encrypted or it will expose your organization to a HIPAA compliance break.Do you have data sheets on ZSentry in PDF format?
The problem is that someone could hack into your cloud account, or read copies on their servers that “who knows who can access”.
The same can happen if you are sending or sharing information online, your phone is lost, or desktop security is breached.
ZSentry solves these problems by enabling users to send, text, save, and share ZSentry encrypted messages in all desktop and phone platforms. The user and not ZSentry or a provider holds the keys.
You do not need to use fragmented solutions. You can use only ZSentry in all platforms, for example with Google Apps, Outlook, iPhone, Android, and Outlook, for more benefits and cost savings. For a list of the top five reasons customers tell us they choose ZSentry, touch The Top Five »
How it works with Google Apps: You just have to send the file or email through ZSentry, to encrypt. Access to Google Apps does not change. The encrypted file in Google Apps (including Mail, Drive, Docs, Spreadsheet, and Calendar) will have the access controls that you choose when sending the file using ZSentry. You can then store and share documents encrypted with ZSentry in Google Apps (including Mail, Drive, Docs, Spreadsheet, and Calendar), and they can be retrieved for decryption without Google scanning.
For examples, go to the "Google" section in this FAQ.
In the site, you can find tutorials in PDF for specific devices and apps (for example, iPhone and Mail app, Google and Outlook), and get specific documents such as the HIPAA BAA.Do I need to get a new email address or app?
However, there are ever so many new devices and apps out there, and more BYOD users, while ZSentry is so interactive with whatever users have, that an introductory data sheet in PDF format would be already outdated and too flat to show what ZSentry can do.
We solve this in a more elegant and efficient way. We provide an always up-to-date, interactive ZSentry "data sheet" in web format (also faster & safer than PDF), using your own device (whatever that device may be). You can get one by simply requesting our Free Trial »
The approval time takes a couple minutes. There is no credit card requested. You can test it with live user-controls for 15 days, see how each screen looks and works in any device, and use the included Secure Quick Reply to see how ZSentry also helps your users.
No. ZSentry works with your current email address, Inbox and app.Can ZSentry reduce my IT administrator workload? We're using a cloud service. What's the best way to integrate ZSentry?
You receive secure messages directly, without ZSentry intervention, at your regular mail Inbox. You can use any mail provider without any changes, including Google Apps, GMail, Microsoft 365, and Yahoo Mail.
You can send, read and reply with any choices of desktop Mail client, cloud app, web browser, and phone. After decryption, you can also save messages locally (for example, in your hard drive or USB stick), which helps relieve privacy and value concerns when using cloud solutions.
The best practice, if your user interface is a Mail Client such as Outlook or phone, is to directly use the ZSentry SMTP settings to send secure email and the cloud service SMTP settings (eg, Google Apps, Office 365, Yahoo, Zoho) to send regular email. The Inbox is the same email address for both uses. Click Mail Client setup»How easy is it for people to read and reply to my email?
Second alternative is to use only a Web browser as the user interface, and then use the ZSentry SMTP settings to send secure email as an external server/From in the cloud service (eg, GMail, Google Apps, Zoho) itself. Click Cloud Client setup»
Third alternative is to use only a Web browser and ZSentry App» (no setup)
Other choices are presented in Use Options»
Your secure message will be sent encrypted to the recipient's email address and will be received as usual. The recipient can click the link (or copy-and-paste) to open it in a secure browser window (no setup) or in a Mail Client (may need setup). The recipient will be authenticated as you (the sender) requested, and can read, reply and save the message as well as any attachments.How can ZSentry help with first contacts?
To reply, the recipient can click the button Secure Quick Reply
That's all! In both cases, the service is provided securely but without burdening the recipient with anything more than a mouse click.
Just like with regular email, there is no password to send to the recipient, no signup, cost, installation, setup, or extra work demands. Recipients can use any desktop, tablet or phone. To see for yourself, click FREE Trial >>
When you use ZSentry, your email stands out and recipients can read it with the effort of a single mouse click, without setup and even without registration (if you allow it). They can also reply securely to you, without cost and setup.Do both parties (sender & receiver) have to use ZSentry for it to work?
With regular email, Inbox clutter and spam overload are often making people not even open your emails, or be afraid to reply.
To further help overcome first-contact hesitation and confusion, and prevent phishing, ZSentry enables senders to add an interpersonal touch. We created a Znote space, which is a custom plaintext note from the sender, visible without decryption, in the email envelope. The Znote is visible in the email summary that, for example, GMail provides before reading the actual email.
And, of course, you can write the Znote in the language of the recipient! This is useful to enhance the interpersonal context and help flag spam.
In addition, the Znote is also searchable, so that you can easily add externally-visible keywords to your secure message.
Through ZSentry authentication, people will know that your email is not spam, is actually from you and not something to be suspicious about, such as a phishing attack. ZSentry provides Free Reply choices so that a customer, patient or just website visitors can also send you a Zmail — and you can verify that it is safe to open before you actually do it.
And you can easily verify that your Zmail was read, with a Return Receipt providing full "When, Where, Who, What, How" information. You can control how your information is used, delivered and tracked, by using Expiration Time (self-destruct) and other ZSentry controls.
No. It can be more secure if both do, but it works with just the sender using the service.What is routed through ZSentry? Where are the emails stored?
Secure first contact is a business-critical capability provided by ZSentry. Senders can choose how to protect their messages as well as their delivery. For example, in the most simple case that the sender can choose, ZSentry collects more and more varied evidence than the Postal Service when delivering mail. While in the simplest case the recipient only has to click to access the message, before the message is read ZSentry will authenticate the device and the mailbox, timestamp the connection in reference to the US NIST, obtain evidence that the recipient owns or controls the password to access that mailbox, record the message's fingerprint and also how and where the message was accessed, request identity confirmation from the recipient (as a legally valid declaration, protected by US copyright law), and make available other auditing records, such as when the message was sent and when it expires.
This also means that ZSentry is less intrusive on the receiving party than requiring keys, passwords, software installation, or even a setup. This is very useful when you do not want to bother the receiving party, as in a first contact. You can request a Return Receipt upon reading, and also set the email to self-destruct, to track and protect your information. For more, read Quick Start Guide»
This item includes online contributions by the community.
Nothing is routed through ZSentry when you receive secure email, and the email is received in your regular Inbox. There is no protected data that is permanently stored, although encrypted. The user and not ZSentry or a provider holds the keys.
When you send secure email, there are two cases, controlled by the sender:
Regulatory Compliance, HIPAA, HITECH Safe HarborIs ZSentry certified by a third-party to be HIPAA compliant?
Yes. ZSentry is ONC/CHPL certified to provide a HIPAA-compliant EMR (Electronic Medical Records) solution (CHPL Product Number: IG-2482-11-0040), including encryption when exchanging electronic health information (§170.302.v) and providing an electronic copy of health information (§170.304.f).Why is ZSentry secure?
ZSentry is also CHPL certified to satisfy HIPAA requirements in U.S. Federal incentive payment programs with Medicare (up to $44,000) and Medicaid (up to $63,750), where ZSentry works with partners providing qualified solutions for meaningful use of certified EMR. ZSentry can also be used with the U.S. Federal incentive program for Eligible Professionals (EP) who are successful electronic prescribers. The bonus is 2% of the Medicare allowed charges for the year.
Regarding HIPAA and other regulatory requirements, such as FERPA and U.S. state privacy laws, the levels and extent limits of ZSentry compliance are specified in the ZSentry Compliance Statement» including safeguarding protected health information (PHI), privacy, security, and integrity.
In summary, ZSentry provides compliance on a technical level, under HIPAA, HITECH Safe Harbor, and other rules as well, and exempting customers of signing a Business Associate Agreement (although a BAA can be signed if desired).
In these applications, ZSentry provides per-message encryption, de-identification, two-factor authentication, control, data loss protection, secure archive and auditing, protecting information in transit and at rest. ZSentry HIPAA conformance can also be verified by you or anyone else. It's quite straightforward and we are also at your disposal for any questions. Read more»
There are well-known and recognized standards for encryption of email, including ITU-T and IETF X.509/PKI with S/MIME, and PGP with or without PGP/MIME encoding. ZSentry was developed after these standards and improves upon them in both usability and security.Why can't an attacker get or guess my ZSentry Password?
ZSentry provides per-message encryption, de-identification, two-factor authentication, data loss protection, secure archive, message control, and auditing, protecting information in transit and at rest. ZSentry reduces the trust and control requirements in several critical areas, making it easier to attain and demonstrate a higher level of security while increasing usability, for example:
ZSentry has several properties that distinguish it from other security technologies using passwords, such as:People are easily fooled by phishing. Can ZSentry help?
ZSentry makes it much harder to fool people, sending or receiving email. Received messages can be verified to be authentic, by ZSentry and also independently.What is Safe Harbor compliance?
For sending, ZSentry Client is spoof-free and provides hands-free Single-Sign-On and Mail after setup. The web service includes spoof prevention. In all cases, the ZSentry Usercode and Password are not online, not even encrypted or hashed.
The HIPAA HITECH rules, as well as breach notification laws in more than 45 U.S. states and other countries, provide "safe harbors" for encrypted information.Can I delete all email after 30 days? IT says it won't work.
According to HIPAA rules, encryption of protected health information (PHI) data at rest and in motion provides a safe harbor that protects organizations from the costs and losses associated with data breach notifications, and fines that can range from $10,000 to $1.5 million per violation.
ZSentry provides Safe Harbor compliance with HIPAA HITECH and other rules, with no fines and no liability in the breach notice context, as no user identity and data can be compromised.
ZSentry HIPAA customers are exempt of signing a Business Associate Agreement (BAA), although a BAA can be signed if desired. Read more»
Conventionally, you cannot. Sending an email necessarily entails copying the message to other systems, which you may not have access to or even know of, potentially archiving the email forever. Senders and recipients may delete email files but, often, files can be easily undeleted or copied from a back-up. Senders and recipients may also get a screenshot of the email and save it. The result is undesired email retention, and an open risk for disclosure.Why is ZSentry better? What is the Sans Target technology?
ZSentry Self-Destruct solves the various facets of this problem. You can actually eliminate the disclosure risk of email, webmail, SMS, IM, and file storage by setting it to self-destruct after the time you want, for example 30 days or even one hour. Read more»
The ZSentry differential is not just about encryption, as that needs to follow well-known standards such as AES, but about many points missing in other products and that are even more critical than encryption for privacy and security.
With ZSentry, your data is protected by end-to-end encryption, onsite, online, and at rest. The user and not ZSentry or a provider holds the keys.
ZSentry provides IT with assurance that only trusted users are accessing confidential communications and services, and that their devices comply with established policies even with no setup. ZSentry can be easily personalized and centralized settings are available. Users' configuration profiles (Dashboard) are individually encrypted and can be locked by IT so that settings cannot be changed.
The ZSentry advantage further includes:
Design: simpler and complements rather than replaces existing solutions, operating Sans Target and providing an "All-In-One" seamless approach for anyway mobility.
No Plugins, Already Works: provides SSL/HTTP and SSL/SMTP service interfaces with no installation or plugins for all leading, familiar solutions including Google Apps, Outlook, Android, iPhone, iPad, and Exchange Server.
Foolproof: avoids common problems caused by human error or misuse, while providing two-factor authentication, multi-channel identification, anti-spoofing, end-to-end encryption, data loss protection, secure archive, secure first-contact and quick reply options with no recipient signup required, document life-cycle management with self-destruct, control, delivery and tracking options, automatic key management, and private-key protection.
Sans Target: the ZSentry technology eliminates (rather than just protects) common attack targets. This helps allay staff concerns and reduces risk for everyone, including in the cloud and at the client's end. For example, ZSentry does not store your keys, Password and Usercode anywhere, not even encrypted. As another example, if you use the default ZSentry Automatic Skin, a part of your encrypted message may be stored online but the stored part is Sans Target and does not by itself allow the message to be decrypted.
Android / Apple / BlackBerry / Google / Microsoft / MoreCan I prevent Google from reading my Inbox?
Yes, and anyone else. Protecting messages in the Inbox and other incoming folders is particularly critical when using cloud providers, phones, and online systems. You can continue to use Google Apps or GMail while ZSentry provides five concurrent barriers to prevent this privacy issue:Can I prevent Google from reading my sent mail?
These options dovetail well with a HIPAA-compliant ZSentry Secure Vault copy that can be automatically created and stored in the Google Apps Inbox or Google Drive; see items #4, #5 and #6 in the ZSentry for Google How-To »
Yes, and anyone else. Protecting messages in the sent mail folders is particularly critical when using cloud providers, phones, and online systems. You can continue to use Google Apps or GMail while ZSentry provides two options to solve this privacy issue:Can ZSentry also secure Google Drive, Docs, Spreadsheet, and Calendar?
Both options dovetail well with a HIPAA-compliant ZSentry Secure Vault copy that can be automatically created and stored in the Google Apps Inbox (and Google Drive); see items #4, #5 and #6 in the ZSentry for Google How-To »
Yes. You can store and share documents encrypted with ZSentry in Google Apps (including Mail, Drive, Docs, Spreadsheet, and Calendar), and they can be retrieved for decryption without Google scanning.What productivity and collaboration tools can I use with ZSentry?
For example, ZSentry lets you store information encrypted in Google Calendar and this can be automated by IT through the ZSentry API, or can be done manually, all in an easy way.
With Google Drive, you normally click "upload file to Google Drive" from an email attachment. ZSentry uses the same Google process. By using ZSentry you will encrypt the file and send it as an attachment, which encrypted file you can then upload to Google Drive. There is more than one way to do so and this can be automated by IT through the ZSentry API, or can be done manually, all in an easy way.
The choice is yours. ZSentry works cross-platform, as a middleware in-between the end-points, so that there are no changes for anyone while everyone gets more value from what they have. ZSentry functionality is already included in cloud-based, on-premise, and mobile solutions, which can now become regulatory compliant with anyway mobility, as well integrated and improved in new ways.How can ZSentry help manage information sharing?
For example, use with any or all of Android (Samsung, HTC, Motorola), Apple (including Mac, iPhone, iPod, Mail, iPad, iCloud, Safari), BlackBerry (RIM devices, Mobile Fusion), Google (Apps, GMail, Chrome), Linux (including Apache, Postfix, Dovecot), Microsoft (Windows, Phone 7, Outlook, Outlook Express, Live, Windows Mail, Office, Office 365, Exchange, Internet Explorer), Mozilla (Thunderbird, Firefox), Nokia (S60, Lumia), Yahoo, and other products, for secure mail, webmail, SMS, IM, web forms, Single-Sign-On, file storage, and other applications.
This question fits in our larger theme, where ZSentry is used to improve applications and user devices in many areas, in addition to adding end-to-end encryption and HIPAA compliance.Can people read and reply to me, even if they are not a ZSentry user?
Sharing information is a key benefit of using email, SMS, and Google Apps, for example, but can also be a big problem as we all know. In particular, organizations and individuals want to prevent undesired information sharing and disclosure.
Google Apps itself and other tools in the marketplace offer some solutions to this problem, whereby sharing of documents outside the domain can be restricted, or sending email outside the domain may be prohibited.
These solutions, to use technical terms, are discretionary rather than mandatory. When using email or a cloud service for example, a "restriction" provides no assurance that the information is not being shared in an unintended way. Mandatory control requires encryption, which is effective with the caveat that the customer must control the keys (not the service or cloud provider).
ZSentry provides this higher-level of assurance. With ZSentry, user data is protected by end-to-end encryption, onsite, online, and at rest, where the user and not ZSentry or the provider holds the keys.
ZSentry can then be used effectively to control information sharing when using email, Google Apps or other application, and also add tracking and use data.
This can be useful (for example) with student accounts provided by an educational organization, even if the organization is not interested in encryption or HIPAA. That's because the organization may benefit by ZSentry's higher-level of assurance in protecting information sharing, as well as providing tracking and use data.
ZSentry has been noted for this application, often as the only solution mentioned to better protect information sharing with GMail and Google Apps for example.
This item includes online contributions by the community.
Yes, in desktop and mobile devices, with no setup. Your recipient (even if not a ZSentry user) can use the FREE Secure Read & Reply»Can I use ZSentry to send and receive secure SMS?
Yes and, as chosen by you, your ZSentry SMS can also Self-Destruct (Expire), send back a Return Receipt upon delivery, authenticate the recipient, and provide you with a Secure Vault copy. The specific instructions for SMS (texting) are at ZSentry SMS»Can I use ZSentry to securely store and receive fax? Can I reply securely?
Reply: ZSentry also lets you reply securely by SMS or email. Instead of texting back, and be limited by SMS, your recipient (even if not a ZSentry user) can then use FREE Secure Read & Reply»
Yes. The specific instructions for secure fax are at ZSentry Fax»Can I use ZSentry to securely store and hear my voicemail and voice files?
Reply: ZSentry lets you get out of fax use and reply securely for example by email or SMS (text). And you can also set your reply to Self-Destruct (Expire), send back a Return Receipt upon delivery, authenticate the recipient, and provide you with a Secure Vault copy. Instead of sending another fax, your recipient can then use FREE Secure Read & Reply»
Yes. The specific instructions for secure voicemail are at ZSentry Voicemail»What advantages can ZSentry offer when using cloud solutions?
Reply: ZSentry lets you get out of phone use and reply securely for example by email or SMS (text). And you can also set your reply to Self-Destruct (Expire), send back a Return Receipt upon delivery, authenticate the recipient, and provide you with a Secure Vault copy. Instead of calling or leaving another voicemail, your recipient can then use FREE Secure Read & Reply»
First, privacy and security. And new functions such as Self-Destruct and Secure Vault, allowing users to do more while keeping costs down. ZSentry also provides seamless integration and more reliability for cloud, desktop, mobile, and web solutions, allowing users to greatly benefit from their integration.How about iPad, iPhone, Android and phone security?
With ZSentry could users can, for example, keep a plaintext copy of their sent emails in local files only, for privacy. They can also mashup with desktop data/services, including Outlook and Excel, which are much easier for corporate setup and dealing with moderate to high mail volume, incoming or outgoing.
ZSentry enables users to securely integrate data from different applications and different sources on the desktop in ways that people can't do so well yet with just cloud solutions, such as in sending secure personalized messages merging each recipient's name and records.
Using ZSentry, this can all be integrated with cloud systems such as Google Apps, GMail, Office 365, and Yahoo, offering redundancy, higher availability, easy access from anywhere, much lower cost (even free), 24/7 maintenance, and other benefits.
In the current Apple iOS version, iPad and iPhone devices store in keyboard cache files whatever the user types. However, Apple says that the iOS keyboard cache does not store data entered into a password field. All ZSentry services, including ZSentry Mobile and ZSentry App, use password fields to request both the user's ZSentry Usercode and Password, and should not have the user access credentials stored by the iOS.Can ZSentry help if my phone or tablet is lost?
Typing a secure email using iPad, iPhone, or any another device that has a keyboard cache file, can create a local plaintext copy of the message, even if the application does not store a plaintext copy (in a Sent folder, for example). If those are concerns in your case, we have solutions that may fit your needs; please submit a Support Ticket
ZSentry can help in many ways, even not requiring phone preset.How about email continuity? Network failure?
For example, you can safely keep your ZSentry messages encrypted in the cloud or keep ZSentry Secure Vault messages in your phone, tablet or any device, where every message is individually encrypted and requires your ZSentry two-factor authentication to read.
ZSentry will also self-destruct any messages using end-point authentication that expire, reducing everyone's window of exposure. When you use Secure Quick Reply, no copy is left in your device. When the message uses ZSentry Return Receipt, it automatically sends a notice to the sender with Who, Where, When, What and How information from the device upon reading the message.
With preset, ZSentry is compatible with third-party solutions to provide online access to self-service smartphone security functions, which let users reset a device password, lock a device remotely or wipe data from a device if it is lost or stolen. For more information, please submit a Support Ticket
ZSentry is a complement to Microsoft, Google, and other platforms, so that your ZSentry setup can use any or all of them, with redundancy and diversity, and change the mix at any time.How does ZSentry work with Google Apps and GMail? Single-Sign-On?
This allows you to easily "route around" and overcome a failure affecting a system or its network. For example, you can use a cell phone to send and receive secure email if your office Internet line is down.
With ZSentry you do not have to choose between desktop, cloud, web, and mobile setups. Read more
From the end user's point of view, after setup, ZSentry Single-Sign-On (SSO) is invisible, just as with an installable Google App, albeit without storing PHI in your Google account. The user is logged in to Google Apps, going about a task, and then decides to send a secure email. The user clicks Compose and sees a drop-down list for the 'From' address. The user selects the 'From' address that uses ZSentry, writes the email, then clicks Send. That's all! The email is sent encrypted, securely, with all the ZSentry options. The SSO operation occurs behind the scenes, in-between clicking Send and the email being actually sent. If the user notices anything, it will be the absence of an intermediate login step.If I send a ZSentry mail to email@example.com, how do they receive it?
Behind the scenes, when you click Send in Google Apps, your email is protected by ZSentry using encryption and authentication before transmission (by Google-ZSentry server-to-server authenticated SSL/SMTP), and will be delivered encrypted per-message, end-to-end (by ZSentry). You receive ZSentry secure email at your own Inbox (in GMail, Google Apps, or in a Mail Client using your Google account), can read & reply securely, and avoid online breach notification liability.
How this works internally at ZSentry? There are well-known and recognized standards for encryption of email, including ITU-T and IETF X.509/PKI with S/MIME, and PGP with or without PGP/MIME encoding. ZSentry was developed after these standards and improves upon them in both usability and security. ZSentry reduces the requirements in four critical areas, as mentioned in this FAQ (see item "Why is ZSentry secure?").
Thus, from the technical viewpoint, standard encryption technology with the unique ZSentry Sans Target method keeps email safe and HITECH Safe Harbor compliant, sending data between parties as regular email without pre-arranged passwords. Even Google can't read or scan it. It doesn't require installation of any software, which promotes usability, and it even adds functionality such as self-destruct, with message level access control. It's also free for patients and personal use. Price starts at $9.99.
This item includes online contributions by the community.
This answer is not specific to GMail and applies also if you send a ZSentry mail to firstname.lastname@example.org or any other address.Do we need Google Message Encryption?
They receive ZSentry secure email at their own Inbox (in GMail, Google Apps, Yahoo, or in a Mail Client). Both you, the sender, and the recipient can choose how they can read it, within your different roles. Suppose the sender chooses 'Automatic Skin', which is the default. The recipient gets a link to see an encrypted copy in the browser, and may also get a link to read the email directly in a Mail client (including Outlook, Apple Mail), where in both cases the recipient can reply securely with the From address that uses ZSentry. Alternatively, the sender can choose a different Skin and send the whole message encrypted, not just a link.
How does GMail or Yahoo know how to decrypt the message? The link in GMail or Yahoo connects in SSL to zsentry.com where the request is processed according to the sender's delivery request: for example, recipient must login. Or, recipient's mailbox must be authenticated. In each case, the sender may allow reading only until expiration (self-destructing afterward), request a return receipt with Who, Where, When, What, How information, and request other options such as to send back a secure archive copy that does not expire.
This item includes online contributions by the community.
No. ZSentry does not use Postini, Google Message Encryption, any other add-on, or plugin.Can Medical Practices use GMail, Google Apps, MS Office 365?
ZSentry makes it simpler and safer for customers, because ZSentry is HIPAA-compliant with or without a HIPAA Business Associate Agreement (see this FAQ), and is also HITECH Safe Harbor compliant.
Even if your current encryption solution is HIPAA compliant, if it is not also HITECH Safe Harbor compliant then your organization is still subject to large fines, breach notification duties, loss of reputation, and can be sued by users in case of a breach.
Furthermore, beware of security solutions that use passwords for security, which is neither usable for the recipient nor secure. ZSentry uses two-factor, strong authentication, without passwords (even though, for familiarity, the second-factor is called ZSentry Password).
ZSentry is already integrated with Google Single-Sign-On and Mail in Web browsers, Mail clients, and ZSentry App. The ZSentry for Google solution provides end-to-end security and usability, with no required Business Associate Agreement to sign, and eliminates (rather than just reduces) breach notification duties, operating in the Safe Harbor condition.
This item includes online contributions by the community.
Yes. Google Apps, GMail, MS Office 365 or any email you use, can be HIPAA compliant using ZSentry. There are no add-on, plugins, or changes to the user interface.Where I can find help on using ZSentry for GMail / Google Apps?
For example, ZSentry encrypts all data stored and transmitted via Google Apps, per message and such that Google administrators or anyone breaking into your Google account would never be able to read the PHI. This means HIPAA/HITECH Safe Harbor compliance. You can use Google Apps and GMail also through Outlook, or use ZSentry directly with Outlook. And patients can use GMail + ZSentry without cost to send and receive PHI, using Free Reply choices that you can easily provide to them.
This item includes online contributions by the community.
Please go to ZSentry for Google How-To»Where I can find help on using ZSentry in general?
Please go to ZSentry How-To»How about Hosted Exchange on the MS Office 365 platform?
ZSentry works in both environments. For example, you can set an Android phone to use Office 365 through Exchange to receive all email and send regular email, while the ZSentry account sends all secure email (and receives no email).Does the sender always have to select the secure account?
With ZSentry App, ZSentry always sends encrypted. With ZSentry Client, the behavior depends on the Mail client.Why would some people think that email is hard to encrypt?
For example, Outlook can lock sending to be done by ZSentry as default, as exclusive option, as defined by the user, or as defined by policy (as a function if Subject or recipient, for example). Exchange Server can do the same, but centralized. Google Apps can also be set to send securely by default, or as selected by the user.
Because that's how it has ever been, for more than a generation. Before ZSentry, people thought that secure email was one of those things that you can't really explain to people. It was seen as something that senders and recipients had to see in action, something that they both had to experience.
That has all been solved with the launch of ZSentry, which improves, secures, and aggregates user's services on the desktop, phone, and web browser. Without any service or device changes, ZSentry users can do more — they can send, store, and read secure, HIPAA compliant data on multiple platforms, all at once. User services include email, webmail, SMS, IM, file storage, and single-sign-on. ZSentry works with leading solutions including Google Apps, Outlook, and iPad.
This item includes online contributions by the community.
Roll-out & Use questionsWhy is ZSentry easy to use?
You already know how to use ZSentry, all you need to do is one mouse click.There is NO download, NO installation process, NO plugins, NO digital certificates to buy or send, NO changes at all in your system. Zmail ends the encryption / decryption hassle that for more than 15 years has prevented the widespread use of email encryption.How can ZSentry help my workflow?
Encrypt with 1-click. You send encrypted Zmail using your own desktop Mail client such as Outlook and Apple Mail, a Cloud app such as Google Apps and GMail for any email address including Yahoo and Hotmail, or the Zmail app using only your web browser. Easy to send, even on first contact.In summary, senders and recipients can easily use ZSentry to improve, secure, and aggregate their current services, without any changes in the user interfaces. ZSentry works with leading solutions including Google Apps, Outlook, Android, iPhone, and iPad. Protected services include email, webmail, SMS, IM, file storage, and single-sign-on. Improvements include complementary ZSentry functions for document control, delivery, tracking, and auditing, such as Self-Destruct, Return Receipt, Secure Vault, Secure SMS, and Certified Delivery.
As you use ZSentry, you can improve business flow and mitigate the regulatory burden facing your organization.What can I use ZSentry for?
People are concerned about someone leaking confidential messages, password and keys. People also know that, in spite of best efforts, an online server can be attacked and information copied, in a service provider or even in their own secure server. Organizations also have a legal obligation to prevent privacy breaches, and not just for medical records (HIPAA).
There are other reasons, as well. For example, did you ever need to call to see if your email arrived? Do you think that someone could falsely claim that they did not receive your email, say that they sent it at an earlier time, or say that they received it later than they actually did? Are you concerned about email phishing and identity theft?
Today, those problems are recognized as major sources of fraud losses and concern, posing significant challenges to anyone from individuals to large corporations. Those problems are solved by ZSentry Mail. For more, read Encrypt & Self-destruct
ZSentry has several modules. For example the Mail module, which is used to provide ZSentry Mail (Zmail) services.Do I need to install ZSentry?
Organizations can use Zmail to protect their business information and also to protect their customers from phishing emails; health care organizations and professionals can use Zmail to protect the confidentiality of private and health information in their email exchange; associations can use Zmail to send secure ballots for their members to vote securely without paying postal mail; law firms can send electronic and scanned documents with Zmail to cut down on FedEx costs and time. To track if their email was actually opened, when, where, and how, Zmail users can easily request a return receipt as a condition for the recipient to decrypt their message. Zmail messages can be further controlled, with release date, expiration date, unforgeable digital signature, and other features.
Varied business processes, from lead generation to online sales and requesting payment, can be done securely in 1-click using your existing email solution or web browser, with no plugin or download, and without requiring new investments, by means of "instant-on" ZModules such as, for example, Secure Mail, Secure Forms, and Secure Vault.
No. ZSentry works using technologies already built into your Web browser and Mail client software, on Windows, Mac OSX, or Linux.What if I need to update or change my phone? computer?
ZSentry is compatible with Outlook, Thunderbird, Mac Mail, Eudora, GMail, Yahoo, AOL, Firefox, Internet Explorer, Safari. There is NO download, NO certificates to install, NO pre-enrollment of recipients, NO password exchange with your recipients.
With nothing to download or learn by your recipients, you can use ZSentry right now to control and protect your email address, your identity online, emails and attachments.
ZSentry does not change, store or setup anything in your computer or phone.Do I need to change my domain's DNS MX or SPF record?
If you update an app in your phone that uses ZSentry, the setup for ZSentry should be automatically transferred when you update the app. For example, if you use ZSentry for GMail in your phone, or if you use ZSentry App. Otherwise, you may need to setup the app. There is no download or installation in any case. After the device or app update, just please test and everything should work fine.
Short answer: No. More details below.How about support for setup, roll-out, and ongoing if needed?
A mail exchanger record (MX record) is a type of record in the Domain Name System (DNS) that specifies a mail server responsible for accepting email messages on behalf of your domain. ZSentry does not receive email for your domain. Therefore, there is no change to your domain's MX record.
A Sender Policy Framework (SPF) record is a type of record in the DNS that identifies which mail servers are permitted to send email on behalf of your domain.
ZSentry sends secure email on behalf of your domain. If your domain does not have a SPF record, or the SPF record does not identify the ZSentry mail servers, then your email should receive a "neutral" classification in terms of spam (neither permitted nor denied). The intended result in terms of the SPF specification should be "accept". Therefore, there should be no need to change your domain's SPF record.
However, if desired, you can change your domain's SPF record by adding the following mechanism:
include: zsentry.comwhich will include the ZSentry mail servers that can send secure email on behalf of your domain.
ZSentry provides initial and ongoing support. Please go to ZSentry Signup » for signup and roll-out procedures for organizations and individuals.How can I see the encrypted ZSentry message?
For organizations, the roll-out process is usually done in two phases:
The answer depends on sender choices. If the sender used the Automatic Skin (default), after you click to read and your identity is authenticated (as chosen by the sender), then click "Original". The encrypted message will be shown to you, as it was sent. If the sender used the ZSENTRY Skin (set in the ZSentry Dashboard or Task Code), you will see the encrypted message directly in your Inbox and will then decrypt it through ZSentry App (requires login).How does ZSentry fit in?
For example, a typical encrypted message would look as follows:
For organizations, ZSentry brings certified HIPAA, ARRA, HITECH Safe Harbor, and regulatory compliance with no changes, albeit with more capability and improved services for employees and users.What does ZSentry Premium do for me?
For individual accounts, for example an independent physician or an investment manager, ZSentry brings the same benefits without requiring external IT support.
For users, it is free and hassle-free to read, store, and reply securely. With no pre-arranged passwords, changes, setup, signup, or added cost, ZSentry broadly improves the utility, security, mobility, and usability of end-user devices for desktop and phones in any OS.
ZSentry fits in-between what organizations and users already have, and lets everyone get more value from what they have. For example, you can send secure email and SMS (texting) messages using your desktop, cloud service, or phone, automatically secured with no concern that recipients will have password, technology, or device issues in any platform, while ensuring HIPAA and regulatory protection to send, read, store and reply.
ZSentry connects productivity apps and services across every platform.
NMA ZSentry Premium adds regulatory compliance, including HIPAA & HITECH Safe Harbor, mobility, functionality and usability, without changing your current solutions and providers. You can send securely to anyone with an email address, and receive their secure reply on first contact without requiring registration. ZSentry Premium may also be branded and customized. Read more»What is Secure Quick Reply?
This is a ZSentry service offered by senders to recipients, providing Free Reply choices. All choices enable free, secure, first-contact messages and reply. Price: No cost.Tell me more about ZSentry
There is no catch: we offer Free Reply choices to allow the recipients of paid ZSentry Premium messages to read and reply to them without cost, just like postal mail with a SASE (self-addressed, self-stamped envelope), but with higher security.
This service is offered using the ZSentry Basic terms of service, enabling cost-free end-to-end encryption, decryption, and authentication for personal use. To prevent abuse and spam using the free service, ZSentry Basic users can send a limited number of secure email Zmail messages a day. There is no limitation for reading.
NMA ZSentry is a technology and cross-platform service for secure, usable, and seamless exchange of information for email, webmail, SMS (texting), IM and other services. ZSentry provides standards-based identity and secure services with unique benefits including:Why some people think that email is hard to encrypt?
Because that's how it has ever been, for more than a generation. Secure email was one of those things that you couldn't really explain to people. It was something that senders and recipients had to see in action, something that they both had to experience, be trained for and make sure was compatible with their OS and devices.How does ZSentry do it?
That has all been solved with the launch of ZSentry, which improves, secures, and aggregates user's services on the desktop, phone, and web browser for any OS. Without any service changes, users can send, store, and read secure, HIPAA compliant data on multiple platforms, all at once. User services include email, webmail, SMS, IM, file storage, and single-sign-on. ZSentry is already integrated with leading solutions including GMail, Google Apps, Outlook, Android, iPhone, and iPad.
Simplicity is the key used by ZSentry to get both security and usability.How long may the recipient view the message?
ZSentry is a distributed middleware platform. It works in-between what you already have, and that's why ZSentry does not change what you have and lets you get more value from what you have. There is nothing to install either, and setup is optional. ZSentry also includes a 24/7 auditing and self-management system.
With ZSentry, you get more value from what you have. You receive secure email at your usual Inbox, with nothing routed through ZSentry, for an email address that you already have. You use your current software, mail clients, cloud clients, ISP or webmail provider, and devices. ZSentry does not receive email and does not host email addresses for users. There is nothing to download or install, no plugins or add-ons. There is no need to change your user interface. There is no POP or IMAP server use.
ZSentry does not change your recipients' or anyone else's email or system either. Everyone keeps what they have, no new investments, no training, no change. Organizations and power-users can also use ZSentry to directly interface with office applications such as Word, and server applications using .NET, PHP, and other languages.
The sender controls how long the recipient may view the message. This is controlled technically by session control, self-destruct, and by legally effective copyright expiration. Even if the recipient takes a picture of the message, use after expiration is a copyright violation. Read moreHow fast is ZSentry?
For email continuity, if the recipient uses ZSentry Client (e.g., with Outlook) the message is decrypted in the mail client and can be stored decrypted for viewing at any time. Again, the sender's copyright restrictions apply but this is likely not relevant within the same organization, for example.
Fast! The usual processing time is less than a second. Just as with regular emails, network delays may, however, result in a slower performance at your location.How to submit a question?
This item includes online contributions by the community.
- click Quick Start Guide»
- click Support Center»
|Main Technical Notes|