Email encryption provides Fordham University employees a method for safeguarding the content of email messages from being read by unintended recipients while in transit. Encryption renders the content of your email (including any attachments) unreadable as it travels from origin to destination.
Fordham has partnered with Proofpoint to provide email encryption to secure messages to people outside of Fordham, that is, to non-Fordham email addresses. Email communication within the Fordham domains, fordham.edu and law.fordham.edu, is automatically secured while in transit.
Sending an encrypted email message to a non-Fordham email address requires an extra step. Additionally, recipients of encrypted email will need to complete a one-time registration with Proofpoint to receive and decrypt secure messages. When sending sending sensitive information to an external organization please contact them to see if they have a secure upload or sending solution as well. Some business partners require data be sent via their own built in channels.
The following sections describe:
- How to send encrypted email messages.
- What recipients must do to receive and read these messages.
- Frequently asked questions (FAQs).
For a list and explanation of the various types of sensitive data that Fordham actively monitors for and protects, via our Data Loss Prevention (DLP) rules, please click here.
How to Send Encrypted Email Messages
Using the email encryption service is easy. Simply add [encrypt] to the message’s subject field. Be sure to include the square brackets.
Subject: Important documents enclosed [encrypt]
This step is only necessary when securing an email to an external (non-Fordham) email address.
Replies to this message will also be encrypted in transit and will be seamlessly decrypted and readable in your Inbox without requiring any extra steps.
You may include multiple recipients and attachments. The body of your email and its attachments will be encrypted. The subject line will NOT be encrypted and should not include sensitive information.
Before sending encrypted email to an external recipient for the first time, inform them they will need to complete a one-time registration process with Proofpoint before being able to read your encrypted email message.
What Recipients Must do to Receive and Read these Messages
Non-Fordham recipients of encrypted email will receive a notification with a secure attachment titled, “SecureMessageAtt.html”.
The first time they click on the attachment, a registration box will open, asking for their first name, last name, and a password.
Once your recipient has registered, they can read the email. Registration is only required once. Clicking on subsequent encrypted emails sent from Fordham will bring them to their Proofpoint mailbox where their secure messages are stored.
Notifications to external recipients will also include a link (labeled Click here) to facilitate reading encrypted emails on mobile devices which cannot open email attachments.
Recipients will be able to reply to encrypted messages but will not be able to add additional recipients.
If a recipient forgets the password they set during their Proofpoint encryption registration, they can click the “Forgot Password” link in the Login screen. A password reset message will be sent to the email address they had registered.
Frequently Asked Questions (FAQs)
1) What types of email should be encrypted?
Fordham Protected and Fordham sensitive data emailed to non-Fordham recipients must be encrypted prior to transmission. To review the types of data considered Fordham Protected and Fordham Sensitive data, please refer to our Data Classification Guidelines.
If you have questions about how to share data securely with colleagues within or outside the University, please contact the University Information Security Office at email@example.com.
2) How shall I alert my external recipients of the one-time registration required?
We have provided a sample email for you to use to inform first time recipients of encrypted email from Fordham University.
Fordham University uses email encryption technology to secure sensitive information distributed through email. I will be sending you an encrypted email soon. Here are the steps you must take to read that email.
- You will receive an email notification from Fordham University that a secure email has been sent to you. You will need to complete a one-time registration with our security software partner, Proofpoint Security, before being able to read this email.
- Click on the notification’s attachment titled, “SecureMessageAtt.html”, to complete the registration. The notification will also include a link (labeled Click here) to facilitate reading encrypted emails on mobile devices which cannot open email attachments.
- There is no cost to register for, receive, or reply to Proofpoint-encrypted email.
- Registration is only required once. Clicking on subsequent encrypted emails sent from Fordham will bring you to your Proofpoint mailbox where your secure messages are stored.
3) What is a digital signature?
A digital signature identifies the sender of the email and protects against spoofing. Email spoofing is the creation of email messages with a forged sender address. When viewing secured email in the Proofpoint email Inbox, “Digital Signature is VALID” will appear in the upper right-hand corner. A message with an invalid signature will not be delivered.