Assure Data Privacy

“Every Email, Every Address, Every Time!”

EmailSentry is an Outlook Add-In that attaches to the Send button. When a user clicks Send, EmailSentry looks up how safe each of the recipients on the email (To:, CC:, and BCC:) is. If all recipients are OK, you can be confident that this email will be legally encrypted on the Internet, so EmailSentry lets Outlook send the message.

But if any recipient is not safe, EmailSentry gives your company choices for how you want to protect your email. You can configure EmailSentry to:

EmailSentry can keep a log of the safety of every email, showing who sent it, where it went, and the safety score of each recipient. EmailSentry lets you prove your email security compliance, not just in general, but specifically for each and every email.

All this while EmailSentry never looks at the content of your email, or even at the individual recipients -- just the domain name (the part after the "@") of your recipients. Email safety without adding any additional risk to your email!

EmailSentry™: Email Security Inside Outlook (Brochure)

EmailSentry guards your email privacy and complies with GDPR, HIPAA, PCI, CCPA. It protects against several common email threats. In addition, it solves two email efficiency killers: rework due to failed delivery and dis-joint communications.

Have Microsoft Outlook:

EmailSentry:

Unlike when a website has a security problem, email security problems can lie hidden for months. A simple "Man in the Middle" (MitM) attack on a website shows up as a problem on modern browsers: the little "lock" on the address bar is open or turns red. The same error in email does not show on either the sender or the receiver's screens. Unless you are using EmailSentry.

Many mailers do not validate certificates when encrypting (TLS) email. This means the email is encrypted, but could be intercepted or delivered to the wrong place. It does not help to safely deliver your information to an interloper. EmailSentry does check certificates.

Deal with emails that are going to be a problem before they are a problem. Know before you send an email that one or more recipients will not get the message. This prevents:

Try EmailSentry For Free

Try EmailSentry for free for 30 days to see how it works and if it is a fit for your organization. Free Trial
Purchase EmailSentry

Volume pricing is as low as $1 per PC per year.

EmailSentry is a Business to Business (B2B) product. It is not sold directly to consumers.

When a company purchases EmailSentry, we create two webpages: one describes a "pull" installation process the company's users use to install EmailSentry, and the other is a "help" or "about" file that describes how to use EmailSentry. We provide the source code for these pages so you can customize them with your own logos and links.

Actual end-user installation happens two ways: pull or push. A pull install is performed by users following a simple two-step instruction that is typically sent to them in email. A push install is performed by the IT department using group policy or a PC management tool like SCCM. More information about the installation options is available Here.

You can see the information that we use when creating an EmailSentry license, and get started with the process (no commitment) Enter Info.

EmailSentry has a money back guarantee if you are not satisfied with the product, and every EmailSentry license includes a Corporate Subscription to the CheckTLS.com website. Sign up for a Full License to begin using EmailSentry to protect all your email, or just to run a trial with multiple users.
Contact Us with any questions.

Testimonials

"From my point of view the solution is just brilliant. GDPR is horrible when it comes to convenience towards everyday work but now I have a solution my users barely see. I have scheduled a conference call with our legal department and when they agree this solution is GDPR-compliant I will definitely order more licenses."



"The new MSI installation is very much appreciated it really makes managing the Addin a lot easier for us. I already installed some and didn’t noticed any problems."



"Our primary usage for this addon is for our international team. Every now and then they have to send emails to international partner companies where personal information might be included. Due to GDPR it's necessary to ensure that this information is transport level encrypted. This add-in will save them a lot of time and effort for this purpose - as well as making our compliance officer happy."

Features
What EmailSentry Does

When you click Send in Outlook, a small window pops up on top of Outlook that shows EmailSentry is working:

checking popup

As long as all of the addresses are secure, the popup disappears and the email is sent.

But, if one or more addresses are not secure, the popup stays visible, stopping the email from sending. It erases the good addresses shows just the insecure addresses:

failure popup

You choose what to do with this email, now that you know that one or more recipients is not secure.

Safe and Secure

EmailSentry protects your information and is very safe to install. It does not send email addresses, and it runs inside a Microsoft ClickOnce "sandbox" on your PC.

Puts A Person In Control

If there is a security problem, EmailSentry stops the email from going to anyone and it lets you decide what to do. You can make the email safe by removing the problem email recipients or removing the confidential information. Or you can choose to not send the message at all, or you can decide to take the risk and send the message anyway.

You make the decision what to do with email security problems immediately, while the email is fresh in your mind, not later when a bounce comes back.

No More Dis-Joint Emails

If you have ever replied-all to a group message, only to have a bounce or two come back, you know what this means. When you get a reply-all bounce, you realize that the original message also bounced, so some people never got the original message. The same is true for in-line encryption devices and services. They return a copy of the original email for each addressee that is not secure, and they do nothing to inform the rest of the group that someone(s) did not receive the email.

With EmailSentry there are no bounces. You remove the insecure address or remove the confidential information and eliminate the problem before it happens.

Nearly Transparent

The pop-up window is a constant reminder to your users to be aware of email security, but it doesn't get in the way. We can test most email servers in just a few seconds: 80% in less than 3 seconds and 90% in less than 4 seconds. Emails to multiple recipients test in parallel, so even large email lists still take just seconds.

Email Privacy Compliance

The Sender is Responsible for Encryption

When you send an email, you are responsible for making sure that email is secure as it goes over the Internet.

Email uses TLS encryption to make sure no one can read email on the Internet. Yet email is designed to "get the mail through" no matter what, so your email will switch to plain text if encryption fails for any reason. (You can check that your email will "get the mail through" at //email/testMandatoryFrom:.)

So no matter how good your email system is, the other side can cause your emails to be out on the Internet in plain text.

You can use our //email/testTo: to check the other side, but just because it is secure today does not mean your email tomorrow will be safe.

Email Security Compliance

EmailSentry can satisfy HIPAA, PCI, GDPR, etc. requirements. It is immediate, at-the-source, email security compliance.

Email Security Compliance Reporting

EmailSentry clients can lookup the security of any sent email. Historical emails can be found by by recipient, by date range, by user, or by combinations thereof: Query.

Clients can compare user's security usage period over period to verify user compliance with company policies: Report.

My Company Needs Strict Compliance

We can customize EmailSentry to meet the strictest email policies.

It can remove the option to Send Anyway, so users cannot send to insecure email address.

It can log all insecure sends, including the email content, allowing you to review all exceptions.

It can route email addressed to insecure domains through another email service, for example requiring the recipient to login to a portal to retrieve their secure message.

Is It Really HIPAA/GDPR Compliance?

Compliance requires that protected information is not readable by anyone but the intended recipient.

For email, an acceptable way to do that is to use TLS encryption during transport. For modern email systems, that means making sure that both sides (send and receive) have TLS properly setup and enabled.

Since you have control over your email, and you (should!) know when it changes, you only need to verify that you send email using TLS once, and then every time you make a change. Our //email/testFrom: is a fast and easy way to verify that you use TLS to send email.

Since you have no control over everyone else's email, use EmailSentry to check the receive side each time you email something.

When you know that both sides use TLS, you know that your email will be encrypted, and you are compliant with your email transport security requirements.

And since this site focuses on testing, we also suggest you test both how you send (//email/testFrom:) and how you receive (//email/testTo:) email regularly, because no matter how sophisticated your email security device(s) are, if they fail they can silently fall back to plain text email and you may never notice.

A final note on security: For organizations with strict security requirements beyond just "TLS, yes or no", such as the acceptable version(s) of TLS and ciphers, the tests on this site, and EmailSentry, can enforce those as well.

Comparison to Other Solutions

Possible Solutions

There are several solutions for assuring you send email securely:

In-line Security Devices
These are network devices that are attached between your email server and your Internet connection. All of your email goes through the device, which makes sure it is encrypted when it goes onto the Internet.
Cloud Security Services
These are Internet services that go between your email server and the Internet. All of your email is "tunneled" to the service, which makes sure it is encrypted when it goes onto the Internet.
End-to-end Encryption
This is extra software you put on every device that can send email, for example user's computers, phones, etc. Your customers also have to put the extra software on their devices to read your email. It encrypts the email right on your device and only un-encrypts it on the reader's device.
End-to-end encryption can allow data leakage because it only encrypts the message body, leaving headers like the To: and Subject: unprotected. An eavesdropper can see who your email is to and what it is about.
Email Outsource
This is a service like G Suite that moves all your email to the cloud.
Mandatory TLS
This is a feature of every modern email server. All you have to do is turn it on. Similar to a security device, this forces every email connection you make to be encrypted. It also means you cannot send email to anyone who does not use encryption.
EmailSentry
This checks right before you send an email if it can be sent securely, and gives you options for what to do if not. See the rest of this page for more information.
Test and Audit
This uses services available from CheckTLS to make sure email security is working. See Compliance for more information.
How They Compare (higher is better)

Higher numbers are better, Features are listed in order of importance.

Feature Mandatory Audit EmailSentry Device Service Outsource End2End
TOTALS 68 57 55 45 39 36 29
Effectiveness 7 1 2 6 3 5 4
Functionality 2 6 7 3 4 5 1
Affordable 7 6 5 1 3 2 4
Ease of Operation 7 2 3 6 4 5 1
Foreign Data Issues 7 7 7 7 1 1 7
Can See Your Email 7 7 7 1 1 1 1
Customer Affecting 7 7 7 7 7 7 1
Adds Point of Failure 6 7 5 1 3 2 4
Ease of Setup 7 6 4 3 5 2 1
Ease of Maintenance 4 2 3 7 6 5 1
Security Risk 7 6 5 3 2 1 4
Comparison Table Explanation

Most of the rows of the table are a stack ranking of each option with respect to that issue. The last few are yes/no, so are scored as 7 or 1.

Effectiveness
How effective the option is at guaranteeing email will be sent securely. All options can meet your security requirements, but some are better than others.
Functionality
How well the option handles success and failure. For example, asking what to do with the entire email is better than returning just one recipient to the sender.
Affordable
The cost of each option.
Ease of Operation
Does it make it harder for your users to send an email.
Foreign Data Issues
Does or could any of your data be stored or transported out of your country.
Can See Your Email
Does it get a complete copy of your email.
Customer Affecting
Do your customers (the people you send email to) also have to do something to use the option.
Adds Point of Failure
Is there something extra that could fail and take down your email.
Ease of Setup
How hard is it to install and configure the option, and if required, to move all your email to it.
Ease of Maintenance
How hard is it to keep the option in compliance, for example do you have to add new domains to it every time you email someone new.
Security Risk
Does it increase the chances of a breach, say by adding another device or supplier that could be hacked.

We welcome feedback on this analysis!

For More Information

See: