Swiss-Hungarian end-to-end encrypted cloud service provider Tresorit has added a new string to its security bow: it has started offering E2E encrypted email as a subscription add-on for business users of vendors. third-party email services.
Tresorit’s E2EE module allows subscribers to send and receive strongly encrypted email through their usual email provider – with the enhanced level of security as the plugin is wrapped in the same zero-knowledge promise that Tresorit claims for its file storage and sharing products.
How does the tool work? The Tresorit account holder downloads and installs the plugin, which integrates with their existing email client. From its launch, it is available for Microsoft Outlook, but other integrations are planned, in particular with Gmail.
An Outlook user can access the feature by clicking the “Email Encryption” button that appears in the upper left corner, according to a spokesperson.
“All emails and attachments sent with Tresorit email encryption as well as replies sent to them (whether or not the sender of the reply has a Tresorit account) will be end-to-end encrypted with the encryption technology used in Tresorit’s cloud storage and file sharing application. This means that no one but the sender and recipient can read them,” she told us.
Mail users who are not Tresorit subscribers themselves but want to send an E2EE email reply to an E2EE email sent through Tresorit can do so without needing to have an account.
“This is possible because the responses are encrypted in the sender’s browser,” explains the spokesperson. “This ensures that reply emails are end-to-end encrypted, even when sent by someone who does not have a Tresorit account. Unlike E2EE email services, this allows E2EE communication even with a recipient who does not have a Tresorit account.
“If someone without a Tresorit account receives an email sent with our email encryption service, [they receive] an encrypted email template with a reference/link to end-to-end encrypted content (this is similar to our Send file sharing service). By clicking on the link, the recipient can access the content of the decrypted email in the browser after certain security checks that prevent the email service provider from intercepting the content.
“Currently, we use email validation as a security guarantee (we send a code to the email address that the user must paste into the Tresorit site in the browser), and we plan to add new methods (sender-provided password, authentication with public SSO providers),” she adds.
A recipient who is not a Tresorit subscriber can also send an E2EE response via an editor in the same browser – by clicking the “Secure Response” option in the body of the E2EE email they received from the Tresorit user.
“The original sender receives an email regarding the reply, but as [they have] a Tresorit account and plugin installed, it allows us to download the content of the response from our servers, decrypt it locally and display it to the sender in their email client in a secure and transparent way,” the door adds. -word.
The E2EE email plugin is aimed at enterprise users – meaning Tresorit does not compete directly with E2E webmail provider ProtonMail which is focused on consumers or small businesses.
Of course, large companies are unlikely to want to move away from industry-leading email providers like Outlook just to get E2E encryption. Tresorit’s approach therefore brings E2E encryption to their existing email client.
“We are targeting large companies that already use an email service like Outlook. Our goal is to integrate end-to-end email encryption into existing workflows and make it easier to send emails securely. Beyond that, we focus on industries that deal with a lot of confidential data and need to comply with strict data protection regulations (legal, healthcare, finance and HR, R&D, IT),” the door notes. -word.
“Currently we are working to make our email encryption work with all major email services such as Gmail (by the end of 2022) and support all operating systems and platforms (Mac, Windows , etc.) From a technological point of view, our solution is independent of the messaging service used by the user (O365, Gmail, etc.).
“Instead of a standalone messaging service, our strategy is to develop end-to-end encrypted tools that easily integrate with workflows and services already used by businesses. We are not targeting users looking an all-new email client. We’d like to enable companies already using consumer web clients to add an extra level of security to their tools, so they don’t have to deploy new email addresses to their entire employee base,” she adds.
Pricing for Tresorit’s E2EE messaging tool is €5 per user per month when paid annually and €6.25 per user per month paid in a monthly plan (in addition to Tresorit subscription fees) .
It also offers a 14-day trial period for new customers and 30-90 days for existing customers, depending on their subscription plan.
Commenting in a statement, Istvan Lam, CEO and co-founder, said:
Our vision is to make cloud collaboration both secure and convenient with the power of end-to-end encryption and to help our users protect their digital valuables. Now bringing our 10-year expertise in cloud encryption to email: our email service is the next big step in creating a secure end-to-end encrypted workspace for businesses of all sizes.
Over the past year, we’ve shifted our focus to enterprise customers and learned that 90% rely on Tresorit to share data with customers, partners, and auditors outside of their organization. . Our new email encryption service is our solution to meet this demand.