Showing results for 
Search instead for 
Did you mean: 

Composing secure email (External CRES User)

Hi all,

Does anyone know if an external user who is not connected to an IronPort appliance can compose an encrypted email without disclosing the email body to CRES service?

The use case is as follows:

  • an Enterprise User, using IronPort, sends a secur email to an External User outside the origanization
  • the External User, on the first incoming message, registers with CRES portal and decrypts the email
  • the External User then needs to securely reply to the Enterprise User (or initiate a new secure message)
  • the External User logs into CRES portal and composes the email and clicks on SEND

In the above scenario, the message body of the message sent by External User is visible to CRES service (because it is composed at the service). Is there a configuration in which External User could send a secure message and encrypt the message on his desktop, for example:

  • via a browser plugin that fetches the key from CRES and encrypts locally on user's machine?
  • if external user has access to Outlook (but no IronPort), could the CRES plug-in for Outlook be configured such that it connects to CRES and fetches a key and encrypts a message on the local machine (and thus protected from being visible to CRES)?

Thanks for any help.




Ability to encrypt emails directly from outlook plugins will be in the upcoming release version of Plugins (7.3)

OK, thanks.

If the direction is to allow external users to encrypt via their desktop (using the plugin), does it mean in future the EXTERNAL mobile users (using BCE native mobile app) would also be able to send encrypted messages? As I understand it, today BCE only allows external users to receive encrypted email on their mobile device but they need to compose email via CRES portal.


The direction will be to allow for secure reply to an email in the BCE app and in the Outlook plug-in, but also to allow the administrator to control those for Cisco Email Security customers who may not want encrypted emails inside their environment.

The 7.3 version of the plug-in will be provisioned in a similar method as the BCE application. As a CRES admin for your own email domain, you will be able to send a provisioning emial to an external mobile user if you wish to give them the ability to do a secure compose or secure reply.

Thanks. This is very helpful.

Sent from Cisco Technical Support iPad App

Content for Community-Ad