Businesses worldwide have reported $12 billion in fraud losses since 2013 as a result of 78,000 BEC attacks (FBI). To address this cybersecurity risk and increase compliance with industry and government regulations, Sectigo (formerly Comodo CA), the world’s largest commercial Certificate Authority and a leader in web security solutions, has released the industry’s first Zero-Touch deployment email encryption and digital signing solution to use the Secure/Multipurpose Internet Mail Extension (S/MIME) protocol.
Sectigo Zero-Touch S/MIME enables both public and private S/MIME certificates to be issued from a single, cloud-based platform. The product uses automation to deploy digital certificates across every desktop, tablet, and mobile phone in an enterprise, modernizing email security and removing the burden on users of manual push and pull approaches to email encryption.
With this release, Sectigo is the first provider to enable email gateways to scan encrypted traffic in order to detect malware or other malicious content. The solution also allows the gateway to sign email on behalf of the sender.
Zero-Touch deployment of S/MIME addresses the industry’s growing need for email encryption due to BEC and other spear phishing schemes that can expose vulnerabilities and lead to costly fines. These threats have led to enactments of regulations such as HIPAA/HITECH, GDPR, and the United States Department of Defense’s DFARS, requiring contractors to comply with email encryption to minimize risk of a breach.
Modernizing email security
S/MIME email certificates update the security profile of the email communication by authenticating the sender, encrypting the email content and attachment, and providing assurance of integrity. Unlike traditional S/MIME certificate deployments, which place the burden on the user to participate in manual certificate and key management for desktop and mobile devices, Zero-Touch deployment is designed to be invisible to the user.
“Sectigo is the first web security provider to deliver public-trust S/MIME. Our Zero-Touch deployment product responds to market demand for automation of email identity management with a frictionless email security solution that leverages the strength of S/MIME,” explained Lindsay Kent, VP of Product Management, Sectigo. “Our customers enjoy the efficiency of iOS, so we are delivering on the promise of S/MIME by fitting into architectures to deliver a similar user experience.”
Encryption key features and interoperability
Sectigo Certificate Manager enables S/MIME interoperability with secure email gateways (SEGs) so that enterprises can continue scanning encrypted emails – an industry first. The platform’s encryption key history and escrow capabilities allow recovery of lost or destroyed keys, even after the certificate holder has left the company, as well as decryption of emails using older keys.
Sectigo sends the entire encryption key history to all desktop and mobile mail applications, enabling decryption of older emails. The same keys and certificates can be pushed or pulled on both mobile and desktop devices.
Available today, Zero-Touch deployment S/MIME is a single application within the larger enterprise management platform offered by Sectigo. The solution works with the most popular email operating systems including Microsoft Outlook and Exchange, as well as Apple Mail, with additional application integrations coming in this spring.