ZSentry PKI

ZSentry PKI (BETA)

ZSentry PKI allows you to send and receive PKI-compliant messages using your Desktop Mail client (Outlook, Apple Mail, Thunderbird), a Cloud app (Gmail, Google Apps), or your cell phone (any major brand). There is no installation or plugin. Includes automatic public-key and key certificate management.

Pricing: Currently available by invitation only.

Purpose: PKI (Public Key Infrastructure) is a service of products which provide and manage X.509 certificates for public key cryptography. Among other requirements and options, such as designating a certificate revocation service and an expiration date, certificates are (1) issued by a Certification Authority (CA); (2) provide identifiers for the entity (e.g., an individual) named in the certificate; and (3) bind those identifiers to a particular public/private key pair. PKI products can provide data integrity, user identification and authentication, user non-repudiation, data confidentiality, encryption and digital signature services, for restricted-access or public-use networks.

PKI is often used for signing, encrypting and decrypting email to increase the security of email communications. PKI-compliant products follow the X.509 and PKIX IETF recommendations.

PKI is one of the major encryption engines available today. Many users and corporations are ardent supporters and have significant investment commitment using PKI for protecting email.

ZSentry offers significant improvements in usability and security for secure email. Now, ZSentry PKI provides a compatible solution to conventional PKI secure email. ZSentry PKI also improves the functionality of PKI solutions by adding the ZSentry document lifecycle control functions, such as self-destruct, Return Receipt, and other functions.

The critically-difficult and often costly points of PKI, including key-signing (usually by a commercial CA, a Certificate Authority), key and certificate management, key distribution, key validation, key revocation, and private-key protection, are handled automatically and securely by ZSentry PKI. Your private-key, for example, is protected by using the ZSentry "no-target" technology, where the user-key is not stored anywhere, and only you can use it. This assures unprecedented levels of usability and security while using PKI.

ZSentry PKI works with any email application, address and provider that you already have, including Gmail, Yahoo Mail, Microsoft Live, Hotmail, and using your organization's own domain name. There is no installation or plugin.

How it Works: ZSentry PKI is a Skin choice. After you choose the PKI Skin, any email and attachments that you send using ZSentry PKI (for example, from Outlook or Gmail, or using ZSentry App), are protected by encryption and authentication before transmission and will be delivered end-to-end encrypted by ZSentry as a secure email Zmail that is PKI-compliant. All you do is click Send in the Outlook, Apple Mail or Gmail screen. You receive PKI-compliant secure email Zmail at your Inbox, for example in Gmail or Google Apps, and read by clicking a link (also by copy-and-paste, or as the sender has defined).

  • ZSentry PKI complies with HIPAA, HITECH Safe Harbor, GLBA, SOX, and financial regulations.
  • No HIPAA Business Associate Agreement to sign.
  • In enabling first-contact communication, ZSentry can be used as the common-reference directory, leveraging prior non-PKI communication (for example, using ZSentry native mode or PGP) to issue a PKI certificate. This is important because X.509/PKI standards require that the identity and keys of both parties in communication must be defined in public-key certificates established using common-reference directories, before secure communication can start.
  • ZSentry PKI works seamlessly cross-platform for reading & replying, providing intuitive and secure one-click use Cloud apps, desktop mail clients, and cell phones. A first link is marked for web browsers (no setup); a second link opens in Desktop and Mobile Mail clients (may need setup).
  • ZSentry PKI is a "no-target" technology that eliminates the online copy and storage of passwords, private-keys, and keys, thus eliminating major risk factors in protecting servers and clients against breaches due to penetration attacks.
  • ZSentry leapfrogs today's security solutions. Companies that could be nervous about safe-keeping their private-keys, which disclosure could compromise their emails and trade secrets, can use ZSentry's "no-target" technology to allay disclosure concerns due to breaches in local or online solutions.
  • The ZSentry SMTP server starts SSL before any data is exchanged, and never uses plaintext.
  • ZSentry PKI conforms to IETF RFC 4880, uses two-factor authentication, and certifies both your Name and Email Address before a message is sent or read.
  • Encrypted Address Book with automatic key management.

Use Now: Get the Setup Instructions >>


X.509: The ITU-T (ITU is the International Telecommunication Union) Recommendation X.509 defines the framework for the provision of strong authentication services using a "directory" paradigm, where the identity and keys of both parties in communication must be established using common-reference directories before secure communication can start.

Main Technical Notes
Overview   Key Features   ZSentry App   ZSentry Client   API   Smart IT   SAML & SSO
  Security   Usability   HIPAA & HITECH   Experience   Why ZSentry?   Red Flags   SUMMARY

Development and © by NMA

Trademarks and Copyrights as described in our Legal Statement. We protect Your Privacy.