The companies said they plan to release in 30 days a bundled appliance that combines the IronMail E-Class email security gateway with PGP Universal, a system that simplifies the process of encrypting enterprise email and message attachments.
The system is intended for use by organizations that need to comply with regulations which mandate data encryption to protect intellectual property and private information, and those having to meet the due care requirements of Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act.
It is designed for transparent encryption, said David Stanley MD of EMEA for CipherTrust. There is no longer any need for a user to hit the encrypt button before sending an email. It is automated. The system will enforce automatic encryption, depending on the rules of the policy engine. A message will be encrypted according to the preset policy, and according to who is sending the message, who is the recipient, and what the content contains, he said.
PGP Universal is designed to offload the hassle of encrypting and signing email from the client to the network, making PGP encryption virtually transparent to the end user. PGP is a public key cryptography method generally used in email. Usually, each organization is responsible for generating and publishing their public key, so that users can encrypt mail they send them. The complexity of that process has slowed the adoption of public key infrastructure among end users in general.
Pubic key management has been seen as an overhead of email encryption, said Stanley, but with this system, the key management process is handled automatically. An associated product known as PGP Satellite will deal with encryption of data on the return leg.
