Entrust Inc., the Dallas-based security vendor spun off from Toronto-based Nortel Networks Corp., announced Tuesday a managed e-mail security service that uses digital certificates.
Entrust Secure E-mail Certificates is available now and works with browsers such as Microsoft Corp.’s Internet Explorer and Google Inc.’s Chrome, said Scott Shetler, Entrust’s senior product manager.
S/MIME, originally developed by EMC Corp.’s RSA security unit, is an Internet Engineering Task Force (IETF) standard that adds both digital signatures and encryption to e-mail messages in the Multipurpose Internet Mail Extensions (MIME) format, which lets users add graphics, audio and other formatting to e-mail messages.
Entrust’s Secure E-mail Certificates is available in two versions. The personal version, which costs $20 per seat, provide basic encryption using the International Telecommunications Union’s X.509 public key infrastructure standard. The enterprise edition lets users digitally sign word processing documents and allows administrators to revoke users’ digital IDs when they leave the company.
David Senf, director of IDC Canada’s infrastructure solutions group, stated in an e-mail to Network World Canada that the Entrust service “is a step forward towards ease of use for message security …”
But he added “it will not bring about any large scale change in business and consumer bad habits.”
The bad habits Senf referred to include the transfer of financial and human resources data through e-mail.
“E-mail is one of the top two applications that Canadian firms will allow to be handled in the cloud,” Senf wrote. “Applications for finance or HR on the other hand are not high on this list. However, it is not uncommon at all for financial and HR information to be sent over email. Odd isn’t it?”
He added e-mail encryption and non-repudiation are critical functions but “overlooked” by some organizations.
Shetler said with its new service, companies that issue new keys to users will automatically have the original certificates revoked.
“There are a number of things that would happen that means you need another certificate,” he said. “You forget your password and need a new one, or
your machine blows up and you need to re-image your machine.”
In addition to PKI products, Entrust also provides Secure Sockets Layer (SSL) technology to governments and private businesses. Shetler said he expects most customers of Entrust Secure E-mail Certificates will be in the private sector.
Entrust was founded by an Ottawa security expert, Brian O’Higgins, in 1993 in Ottawa as a division of Nortel Networks Corp. Its early customers included the Royal Canadian Mounted Police, the Department of National Defence and the Bank of Nova Scotia. It was later spun off as a separate firm with a headquarters near Dallas. O’Higgins later moved to intrusion prevention systems vendor Third Brigade Inc., which is also in Ottawa and was recently acquired by Trend Micro Inc.