POLICY ENFORCED TLS - Feature Sheet
Secured Email Communications Without Complexity and Risk
Email is the quickest and easiest way to communicate with business partners. However, without sufficient safeguards, sensitive data in email communications can leave organizations in violation of privacy requirements, industry regulations, and government mandates for data security.
Encrypting email communications between you and your business partners helps your organization address compliance concerns and data privacy requirements, protecting you against the legal, financial, and brand equity consequences of failing to protect sensitive data in email. While many email gateways offer a best-effort option for implementing encrypted communications, this is unreliable and can leave email unprotected.
As an integrated feature of Google Message Security and Google Message Discovery, powered by Postini, Policy-enforced TLS (Transport Layer Security) service offers your organization an affordable, easy-to-implement solution that automatically encrypts email communications between designated organizations. Encryption is seamlessly applied and always enforced to selected email domains, ensuring that the email will be delivered with the required security to be compliant with data privacy regulations.
What Policy-Enforced TLS Service Does
Policy-enforced TLS is an on-demand service which employs Transport Layer Security, an industry standard protocol, to automatically encrypt email connections between organizations. Google integrates strong TLS encryption with policy-based management tools, ensuring messages are delivered over encrypted connections.
Figure 1: Policy-enforced TLS service ensures that emails between trusted partners are always delivered via a secure connection.
Policy-Enforced TLS
How Postini Policy-Enforced TLS Service Works
Policy-enforced TLS allows you to establish private communications with partners, regulatory agencies, and other affiliates. Email messages are routed securely through Postini’s secure data centers over an encrypted connection, where another encrypted connection is opened to the destination server. The messages are then securely delivered directly to the recipient’s email server. Policy-enforced TLS service provides assurance that no sending or receiving email server will deliver or accept messages without the encryption required by your policy.
The Policy-enforced TLS service encrypts the communications between designated domains while still enabling the email to be comprehensively scanned to ensure that messages are free of spam, viruses, or any other inappropriate content according to your organization’s messaging policies.
On-demand service
Completely hosted and managed by Google, Policy-enforced TLS requires no new software, hardware, or maintenance on site.
Communications privacy
Enforced domain-to-domain encryption prevents the sending of unencrypted emails, providing trusted secure communications with regular business partners without the cost of virtual private networks or leased lines.
Easy implementation
Automatically applies security without any additional integration requirements. Configuration takes minutes using the intuitive management console. There is absolutely no impact to email senders or recipients − no additional software or user keys required.
Simple administration
With a unified administrative console, you can easily set and update policies according to your security requirements, no encryption expertise is required.
Seamless integration
Policy-enforced TLS integrates seamlessly with other Google Security and Compliance services through a unified-policy management platform.
Alerts and reporting
Detailed reporting is available through the web-based administrative console and alerts are automatically generated if the encryption sessions cannot be established.
Policy-Enforced TLS
With Policy-Enforced TLS, you can:
Extend trust to partners by enforcing the use of TLS when communicating with their email domains.
- Easily enforce encryption from domain to domain without additional user steps
- Rapidly secure inbound and outbound server connections for policy compliance
- Define and enforce message encryption policies by domain
- Defer communications that are not encrypted
Conclusion
Policy-enforced TLS enables organizations to securely exchange sensitive email with designated business partners. The strong domain-to-domain encryption helps organizations ensure that their email communications are in compliance with applicable data privacy regulations as well as their own internal policies for data security. The automatic, policy-based encryption is easy to implement and provides a cost-effective solution to ensure that the delivery of email is always secure.
