Assure Data Privacy
“Every Email, Every Address, Every Time!”
EmailSentry is an Outlook Add-In that attaches to the Send button. When a user clicks Send, EmailSentry looks up how safe each of the recipients on the email (To:, CC:, and BCC:) is. If all recipients are OK, you can be confident that this email will be legally encrypted on the Internet, so EmailSentry lets Outlook send the message.
But if any recipient is not safe, EmailSentry gives your company choices for how you want to protect your email. You can configure EmailSentry to:
- stop the email
- tag the email for special handling
-
let your users choose what to do with the email
- Change it (maybe remove the bad recipient)
- Delete it (maybe call the person instead)
- Encrypt it (maybe put it on a webpage instead)
- Send it anyway (maybe because it has nothing much in it)
EmailSentry can keep a log of the safety of every email, showing who sent it, where it went, and the safety score of each recipient. EmailSentry lets you prove your email security compliance, not just in general, but specifically for each and every email.
All this while EmailSentry never looks at the content of your email, or even at the individual recipients -- just the domain name (the part after the "@") of your recipients. Email safety without adding any additional risk to your email!
EmailSentry™: Email Security Inside Outlook (Brochure)
EmailSentry guards your email privacy and complies with GDPR, HIPAA, PCI, CCPA. It protects against several common email threats. In addition, it solves two email efficiency killers: rework due to failed delivery and dis-joint communications.
Have Microsoft Outlook:
- Assure your company email cannot be seen on the Internet,
- remind your users about email security,
- and make them active security testers,
- all without doing any more than they are already doing.
EmailSentry:
- Checks every recipient on every email on every send,
- automatically just by clicking the same Send button as always,
- seamlessly since Outlook still sends the message,
- almost invisibly.
Unlike when a website has a security problem, email security problems can lie hidden for months. A simple "Man in the Middle" (MitM) attack on a website shows up as a problem on modern browsers: the little "lock" on the address bar is open or turns red. The same error in email does not show on either the sender or the receiver's screens. Unless you are using EmailSentry.
Many mailers do not validate certificates when encrypting (TLS) email. This means the email is encrypted, but could be intercepted or delivered to the wrong place. It does not help to safely deliver your information to an interloper. EmailSentry does check certificates.
Deal with emails that are going to be a problem before they are a problem. Know before you send an email that one or more recipients will not get the message. This prevents:
- the rework required to deal with a "bounce" hours later,
- email "de-synchronization" where some users are unaware that others did not get a message.
Try EmailSentry For Free
Try EmailSentry for free for 30 days to see how it works and if it is a fit for your organization. Free TrialPurchase EmailSentry
Volume pricing is as low as $1 per PC per year.
EmailSentry is a Business to Business (B2B) product. It is not sold directly to consumers.
When a company purchases EmailSentry, we create two webpages: one describes a "pull" installation process the company's users use to install EmailSentry, and the other is a "help" or "about" file that describes how to use EmailSentry. We provide the source code for these pages so you can customize them with your own logos and links.
Actual end-user installation happens two ways: pull or push. A pull install is performed by users following a simple two-step instruction that is typically sent to them in email. A push install is performed by the IT department using group policy or a PC management tool like SCCM. More information about the installation options is available Here.
You can see the information that we use when creating an EmailSentry license, and get started with the process (no commitment) Enter Info.
EmailSentry has a money back guarantee if you are not satisfied with the product, and every EmailSentry license includes a Corporate Subscription to the CheckTLS.com website.
Sign up for a Full License to begin using EmailSentry to protect all your email, or just to run a trial with multiple users.
Contact Us with any questions.
Testimonials
"From my point of view the solution is just brilliant. GDPR is horrible when it comes to convenience towards everyday work but now I have a solution my users barely see. I have scheduled a conference call with our legal department and when they agree this solution is GDPR-compliant I will definitely order more licenses."
"The new MSI installation is very much appreciated it really makes managing the Addin a lot easier for us. I already installed some and didn’t noticed any problems."
"Our primary usage for this addon is for our international team. Every now and then they have to send emails to international partner companies where personal information might be included. Due to GDPR it's necessary to ensure that this information is transport level encrypted. This add-in will save them a lot of time and effort for this purpose - as well as making our compliance officer happy."
Features
- Fast - only stops the user if an email is unsafe
- Easy - works automatically: the sender and receiver do nothing
- Easy - no additional hardware, no extra steps
- Safe - checks every recipient on every email every time
- Safe - the user can override and send anyway
- Safe - test from your IP address space (no blacklists)
- Secure - does not read or copy email contents
- Secure - uses only recipient domains (stuff after the @)
- Secure - domains and results are encrypted in transit
- Secure - every user becomes a security tester
- Control - the user chooses what to do with unsafe email
- Low Cost - under $1 per seat in quantity
- Effective - the failures it finds are surprising
- Effective - send to no one if any one fails
- Effective - reminds every user to be security conscious
- Convenient - know right away, don't wait for a bounce
- Compliance - one product covers many bases
- Customizable - you decide minimum TLS version, ciphers, etc.
- Any Language - you can translate all buttons and prompts
What EmailSentry Does
When you click Send in Outlook, a small window pops up on top of Outlook that shows EmailSentry is working:
As long as all of the addresses are secure, the popup disappears and the email is sent.
But, if one or more addresses are not secure, the popup stays visible, stopping the email from sending. It erases the good addresses shows just the insecure addresses:
You choose what to do with this email, now that you know that one or more recipients is not secure.
Safe and Secure
EmailSentry protects your information and is very safe to install. It does not send email addresses, and it runs inside a Microsoft ClickOnce "sandbox" on your PC.
Puts A Person In Control
If there is a security problem, EmailSentry stops the email from going to anyone and it lets you decide what to do. You can make the email safe by removing the problem email recipients or removing the confidential information. Or you can choose to not send the message at all, or you can decide to take the risk and send the message anyway.
You make the decision what to do with email security problems immediately, while the email is fresh in your mind, not later when a bounce comes back.
No More Dis-Joint Emails
If you have ever replied-all to a group message, only to have a bounce or two come back, you know what this means. When you get a reply-all bounce, you realize that the original message also bounced, so some people never got the original message. The same is true for in-line encryption devices and services. They return a copy of the original email for each addressee that is not secure, and they do nothing to inform the rest of the group that someone(s) did not receive the email.
With EmailSentry there are no bounces. You remove the insecure address or remove the confidential information and eliminate the problem before it happens.
Nearly Transparent
The pop-up window is a constant reminder to your users to be aware of email security, but it doesn't get in the way. We can test most email servers in just a few seconds: 80% in less than 3 seconds and 90% in less than 4 seconds. Emails to multiple recipients test in parallel, so even large email lists still take just seconds.
Email Privacy Compliance
The Sender is Responsible for Encryption
When you send an email, you are responsible for making sure that email is secure as it goes over the Internet.
Email uses TLS encryption to make sure no one can read email on the Internet. Yet email is designed to "get the mail through" no matter what, so your email will switch to plain text if encryption fails for any reason. (You can check that your email will "get the mail through" at .)
So no matter how good your email system is, the other side can cause your emails to be out on the Internet in plain text.
You can use our to check the other side, but just because it is secure today does not mean your email tomorrow will be safe.
Email Security Compliance
EmailSentry can satisfy HIPAA, PCI, GDPR, etc. requirements. It is immediate, at-the-source, email security compliance.
Email Security Compliance Reporting
EmailSentry clients can lookup the security of any sent email. Historical emails can be found by by recipient, by date range, by user, or by combinations thereof: Query.
Clients can compare user's security usage period over period to verify user compliance with company policies: Report.
My Company Needs Strict Compliance
We can customize EmailSentry to meet the strictest email policies.
It can remove the option to Send Anyway, so users cannot send to insecure email address.
It can log all insecure sends, including the email content, allowing you to review all exceptions.
It can route email addressed to insecure domains through another email service, for example requiring the recipient to login to a portal to retrieve their secure message.
Is It Really HIPAA/GDPR Compliance?
Compliance requires that protected information is not readable by anyone but the intended recipient.
For email, an acceptable way to do that is to use TLS encryption during transport. For modern email systems, that means making sure that both sides (send and receive) have TLS properly setup and enabled.
Since you have control over your email, and you (should!) know when it changes, you only need to verify that you send email using TLS once, and then every time you make a change. Our is a fast and easy way to verify that you use TLS to send email.
Since you have no control over everyone else's email, use EmailSentry to check the receive side each time you email something.
When you know that both sides use TLS, you know that your email will be encrypted, and you are compliant with your email transport security requirements.
And since this site focuses on testing, we also suggest you test both how you send () and how you receive () email regularly, because no matter how sophisticated your email security device(s) are, if they fail they can silently fall back to plain text email and you may never notice.
A final note on security: For organizations with strict security requirements beyond just "TLS, yes or no", such as the acceptable version(s) of TLS and ciphers, the tests on this site, and EmailSentry, can enforce those as well.
Comparison to Other Solutions
Possible Solutions
There are several solutions for assuring you send email securely:
- In-line Security Devices
- These are network devices that are attached between your email server and your Internet connection. All of your email goes through the device, which makes sure it is encrypted when it goes onto the Internet.
- Cloud Security Services
- These are Internet services that go between your email server and the Internet. All of your email is "tunneled" to the service, which makes sure it is encrypted when it goes onto the Internet.
- End-to-end Encryption
-
This is extra software you put on every device that can send email, for example user's computers, phones, etc.
Your customers also have to put the extra software on their devices to read your email.
It encrypts the email right on your device and only un-encrypts it on the reader's device.
End-to-end encryption can allow data leakage because it only encrypts the message body, leaving headers like the To: and Subject: unprotected. An eavesdropper can see who your email is to and what it is about. - Email Outsource
- This is a service like G Suite that moves all your email to the cloud.
- Mandatory TLS
- This is a feature of every modern email server. All you have to do is turn it on. Similar to a security device, this forces every email connection you make to be encrypted. It also means you cannot send email to anyone who does not use encryption.
- EmailSentry
- This checks right before you send an email if it can be sent securely, and gives you options for what to do if not. See the rest of this page for more information.
- Test and Audit
- This uses services available from CheckTLS to make sure email security is working. See Compliance for more information.
How They Compare (higher is better)
Higher numbers are better, Features are listed in order of importance.
| Feature | Mandatory | Audit | EmailSentry | Device | Service | Outsource | End2End |
|---|---|---|---|---|---|---|---|
| TOTALS | 68 | 57 | 55 | 45 | 39 | 36 | 29 |
| Effectiveness | 7 | 1 | 2 | 6 | 3 | 5 | 4 |
| Functionality | 2 | 6 | 7 | 3 | 4 | 5 | 1 |
| Affordable | 7 | 6 | 5 | 1 | 3 | 2 | 4 |
| Ease of Operation | 7 | 2 | 3 | 6 | 4 | 5 | 1 |
| Foreign Data Issues | 7 | 7 | 7 | 7 | 1 | 1 | 7 |
| Can See Your Email | 7 | 7 | 7 | 1 | 1 | 1 | 1 |
| Customer Affecting | 7 | 7 | 7 | 7 | 7 | 7 | 1 |
| Adds Point of Failure | 6 | 7 | 5 | 1 | 3 | 2 | 4 |
| Ease of Setup | 7 | 6 | 4 | 3 | 5 | 2 | 1 |
| Ease of Maintenance | 4 | 2 | 3 | 7 | 6 | 5 | 1 |
| Security Risk | 7 | 6 | 5 | 3 | 2 | 1 | 4 |
Comparison Table Explanation
Most of the rows of the table are a stack ranking of each option with respect to that issue. The last few are yes/no, so are scored as 7 or 1.
- Effectiveness
- How effective the option is at guaranteeing email will be sent securely. All options can meet your security requirements, but some are better than others.
- Functionality
- How well the option handles success and failure. For example, asking what to do with the entire email is better than returning just one recipient to the sender.
- Affordable
- The cost of each option.
- Ease of Operation
- Does it make it harder for your users to send an email.
- Foreign Data Issues
- Does or could any of your data be stored or transported out of your country.
- Can See Your Email
- Does it get a complete copy of your email.
- Customer Affecting
- Do your customers (the people you send email to) also have to do something to use the option.
- Adds Point of Failure
- Is there something extra that could fail and take down your email.
- Ease of Setup
- How hard is it to install and configure the option, and if required, to move all your email to it.
- Ease of Maintenance
- How hard is it to keep the option in compliance, for example do you have to add new domains to it every time you email someone new.
- Security Risk
- Does it increase the chances of a breach, say by adding another device or supplier that could be hacked.
We welcome feedback on this analysis!
For More Information
See: