Security Information
HIPAA and Safe Harbor Compliance

ZSentry supports High-grade Encryption (AES-256, 256 bit keys), X.509/PKI server-authentication, and uses an SSL (Secure Sockets Layer) Server Certificate with online certificate status validation.

All ZSentry SSL pages must begin with

The SSL Server certificate must currently have the values given below.

SSL Server Certificate issued to:
  Common Name (CN):
  Serial Number: 3B:07:8F:DC:3F:10:FF:29:5E:ED:73:FC:59:B9:E1:92
Issued by: Thawte SSL CA
Expires on: 1/17/2016
Supports: High-grade Encryption (AES-256, 256 bit keys)

ZSentry provides end-to-end security with per-message encryption, access control, and 24/7 auditing. Only you have your ZSentry Usercode and Password, they are not stored by us, and we do not know them. There are no password or usercode files that could be targeted anywhere. We call this unique property Sans Target, which is used by ZSentry also to protect your user-keys and user files.

HIPAA and HITECH Safe Harbor: compliance is provided as specified in the ZSentry Compliance Statement.

Single-Sign-On, Mail, and Web: ZSentry is available through SSL/SMTP and HTTPS, and is securely integrated with Single-Sign-On, Mail and Web use with Google Apps, Gmail, Outlook, web browsers, and other clients. Add-ons and plugins are not used.

ZSentry and ZSentry Mail (ZMAIL) use standards-based Secure Sockets Layer (SSL) for secure transactions. Information exchanged with an address beginning with https is encrypted using SSL before transmission. SSL applies encryption between two communicating applications, such as at your PC and at our secure Internet server, authenticated at our server end. When your data is transmitted over the Internet, it is encrypted at the sending end and then decrypted at the receiving end.

ZSentry goes beyond SSL

Why can't I just use SSL to protect my email?
Email is a message not between one client and one server but between your client and another client, with possibly several independent servers, routers, caches, buffers, content analysers, traffic analysers, monitors and storage devices in-between, including humans. SSL cannot protect your email message from client to client, and cannot prevent spoofing, phishing and pharming.

Your email message needs to be protected end-to-end, so that no one can eavesdrop, tamper, fake, spoof, or even automatically scan and index information from it. In addition, ZSentry protects your message at the end-point with control features including Release Time and Expiration Time (Self-Destruct Email).

Read more: ZSentry Spoofing, Phishing, Pharming and Spam FAQ

Main Technical Notes
Overview   Key Features   ZSentry App   ZSentry Client   API   Smart IT   SAML & SSO
  Security   Usability   HIPAA & HITECH   Experience   Why ZSentry?   Red Flags   SUMMARY

Development and © by NMA

Trademarks and Copyrights as described in our Legal Statement. We protect Your Privacy.