GRHC uses the Cisco Registered Envelope Service (CRES) to provide protection of certain sensitive information when it leaves the GRHC network. GRHC uses the Cisco Data Loss Prevention appliance (IronPort) to encrypt email containing certain sensitive data, including identifiable medical, personal, and financial information
All outbound messages from GRHC mail servers to external recipients are scanned for certain potentially sensitive information; if the scan determines that the message is likely to contain sensitive data, it is encrypted, and the recipient is sent email with instructions for accessing and reading the message (see Read a CRES-encrypted message).
- Only outbound mail is affected. This includes mail that originates on Exchange (including OWA). Mail that stays within the GRHC network (for example, from one Exchange user to another) is not affected.
- Mail scanning is automatic. All relevant messages are scanned, and will be encrypted if they are found to contain protected types of information. However, you may ensure that your message will be encrypted by including zsecure (case insensitive) in your subject line; see Ensure that mail sent from your Exchange account to an outside address is encrypted by CRES.
- Attachments are encrypted. If an email message or any of its attachments are found to contain sensitive data, the message and all attachments are encrypted. However, not all file types can be scanned and therefore trigger automatic encryption; if you send any type of message or attachment containing sensitive data, you should force encryption by including zsecure (case insensitive) in your subject line as above. Note that attachments over 10 MB cannot be encrypted and sent by CRES; see Email message size limits.
- Each recipient address only needs to register once. This means that mailing lists that receive an encrypted message can only be registered by the first person to do so. See View a CRES-encrypted message sent to a mailing list.
- You can manage secure messages after they have been sent. By registering your GRHC email address with CRES, you can lock and unlock sent messages, or add or remove expiration dates. See Prevent a recipient from reading a secure, CRES-encrypted message you have sent.
- You can forward and reply to messages securely. By forwarding or replying from within CRES, you can ensure that the sensitive content remains secure; see Replies and forwarding for CRES-encrypted messages.
For more about CRES, see Cisco's About Registered Envelopes and Registered Envelope Help pages. You can also click Help when on the Cisco site to read context-sensitive help.
If you have problems reading an encrypted message, see If you can't read a CRES-encrypted message or contact your the ITHelpdesk.
If your outbound email message was encrypted and you don't think have been, see If IronPort encrypts your outbound email.