Email Encryption
Email encryption provides Fordham University employees a method for safeguarding the content of email messages from being read by unintended recipients while in transit. Encryption renders the content of your email (including any attachments) unreadable as it travels from origin to destination.
Fordham has partnered with Proofpoint® to provide email encryption to secure messages to people outside of Fordham, that is, to non-Fordham email addresses. In addition, email communication within the Fordham domains, fordham.edu and law.fordham.edu, is automatically secured while in transit.
Sending an encrypted email message to a non-Fordham email address requires an extra step. Additionally, recipients of encrypted email will need to complete a one-time registration with Proofpoint to receive and decrypt secure messages. When sending sensitive information to an external organization, please contact them to see if they have a secure upload or sending solution as well. Some business partners require data to be sent via their built-in channels.
How to Send Encrypted Email Messages
Using the email encryption service is easy. Simply add [encrypt] to the message’s subject field. Be sure to include the square brackets.
For example:
Subject: Important documents enclosed [encrypt]
This step is only necessary when securing an email to an external (non-Fordham) email address.
Replies to this message will also be encrypted in transit and seamlessly decrypted and readable in your Inbox without requiring extra steps.
You may include multiple recipients and attachments. The body of your email and its attachments will be encrypted. However, the subject line will NOT be encrypted and should not include sensitive information.
Before sending an encrypted email to an external recipient for the first time, inform them they will need to complete a one-time registration process with Proofpoint® before being able to read your encrypted email message.
What Recipients Must do to Receive and Read these Messages
Non-Fordham recipients of encrypted email will receive a notification with a secure attachment titled “SecureMessageAtt.html”
Figure 5. Non-Fordham encrypted email message
The first time they click on the attachment, a registration box will open, asking for their first name, last name, and password. A verification email will also be sent to the email address that is registered. Please check your spam/trash folder if the message does not appear in your inbox.
Once your recipient has registered, they can read the email. Registration is only required once. Clicking on subsequent emails sent with Fordham encryption will bring them to a login screen for their Proofpoint® mailbox, where their secure messages are stored.
Notifications to external recipients will also include a link (labeled Click here) to facilitate reading encrypted emails on mobile devices which cannot open email attachments.
Recipients will be able to reply to encrypted messages but will not be able to add additional recipients.
If a recipient forgets the password they set during their Proofpoint encryption registration, they can click the “Forgot Password” link on the Login screen. A password reset message will be sent to the email address they had registered. If the password reset email does not appear in your inbox, check your spam/trash folders.
Frequently Asked Questions (FAQs)
What types of the email should be encrypted?
Fordham Protected and Fordham sensitive data emailed to non-Fordham recipients must be encrypted before transmission. Please refer to our Data Classification Guidelines to review the types of data considered Fordham Protected and Fordham Sensitive data.
If you have questions about how to share data securely with colleagues within or outside the University, please contact Information Security and Assurance at [email protected].
How shall I alert my external recipients of the one-time registration required?
We have provided a sample email for you to inform first-time recipients of encrypted email from Fordham University.
Sample Email:
Fordham University uses email encryption technology to secure sensitive information distributed through email. I will be sending you an encrypted email soon. Here are the steps you must take to read that email.
- You will receive an email notification from Fordham University that a secure email has been sent to you. However, you will need to complete a one-time registration with our security software partner, Proofpoint® Security, before being able to read this email.
- Click on the notification’s attachment titled “SecureMessageAtt.html” to complete the registration. The notification will also include a link (labeled Click here) to facilitate reading encrypted emails on mobile devices which cannot open email attachments.
- Ensure your web browser is configured with JavaScript processing enabled during the registration process.
- There is no cost to register for, receive, or reply to Proofpoint-encrypted email.
- Registration is only required once. Then, clicking on subsequent encrypted emails sent from Fordham will bring you to a login form for your Proofpoint mailbox, where your secure messages are stored.
What is a digital signature?
A digital signature identifies the sender of the email and protects against spoofing. Email spoofing is the creation of email messages with a forged sender address. When viewing a secured email in the Proofpoint email Inbox, “Digital Signature is VALID” will appear in the upper right-hand corner. A message with an invalid signature will not be delivered.
If you have other questions on email encryption, please contact the IT Service Desk at (718) 817-3999, [email protected], or fordham.edu > Tech Help page.