Overview of Secure Messages
A Secure Message is a type of encrypted email message. Some Secure Messages are password-protected, whereas others are encrypted but do not require a password.
If you receive a password-protected Secure Message, you need to set up a free user account with Cisco Secure Message Service to open your encrypted message.
After you enroll with the service, you can use your account password to open all Secure Messages that you receive—from any sender. You can also use the service to send and manage your own Secure Messages.
Why Use Secure Messages?
Secure Messages enable you to easily send and receive encrypted email. Typically, senders encrypt messages to prevent important or confidential information from getting into the wrong hands. Encryption protects against accidental breaches of security, as well as intentional illegal and malicious security breaches. Often, when individuals or organizations send Secure Messages, they want to protect confidential information for the benefit of the recipient. In some cases, senders are required to maintain confidentiality because of government regulations or statutes. For example, a health care provider might use a Secure Message to convey confidential information about a patient’s medical history, and a financial institution might send protected information about a personal bank account.
Secure Message Notification
When someone sends you a Secure Message, you receive the following files:
-
Notification email message. The notification message indicates that someone has sent you a secure, encrypted message in the form of a Secure Message. The notification also includes links to information about Secure Messages and Encryption Service.
-
Encrypted message file attachment. The notification message includes an encrypted message file attachment. The file attachment uses the naming convention of securedoc_date Ttime .html where date and time are represented as a numerical date and time stamp that are added to the file. For example, you might receive a file called securedoc_20100615T193043.html, where the year, month, and day are represented as 20100615 and time is represented as 193043. This file contains both the Secure Message and the encrypted content. To view the Secure Message, save the file attachment to your hard drive. Then, double-click the file to display the Secure Message in a web browser. Typically, a computer must have an Internet connection to properly display the Secure Message and decrypt the message.
Note
If the email administrator has enabled the support for large file attachments, and the secure message contains a file attachment of size greater than 25 MB, then the securedoc html attachment is not present in the secure message.
The notification message that you receive will look in one of the following ways:
-
The following figure shows a notification email message with the Read Message button. To read a secure message, click the Read Message button. By default, the Read Message link is valid for a maximum of 14 days. After the link expires, you can read messages by opening the attachment in a web browser or forwarding the message to mobile.res.cisco.com.
-
The following figure shows a notification email message with the Read Message button. The email expiration month is in text format and the day of month with timestamp. This new date format is applicable for custom templates only.
-
The next figure shows a notification email message without the Read Message button. To read a secure message, open the securedoc_dateTtime.html file attachment in a web browser or forward the message to mobile.res.cisco.com. For more information, see Steps to Opening Your First Secure Message.
-
The following figure shows a notification email without the securedoc html attachment and the expiry date. This notification type appears when the secure message contains a file attachment of size greater than 25 MB. Click the Read Message button to open the secure message.
Note |
The file attachment includes software to decrypt the encrypted message when you enter the password for your user account. In some cases, the included software cannot decrypt the message, and you must use one of the alternative decryption methods. For more information about alternative methods for opening secure messages, see Troubleshooting Secure Message Issues |
Note |
Some encrypted messages may be sent to the Spam folder. Please check your Spam folder for secure messages. Additionally, you may notice a yellow or red warning banner on secure messages. You can click the "Looks safe" button. |
Note |
You cannot open a secure message if its encryption key has expired. Your email administrator configures the validity of the encryption key. If the encryption key has expired, you will see the error message: "Cannot open this secure message. This secure message has expired due to the security setting configured by the administrator." |
Components of a Secure Message
When you click on the Read message button in the received secure message, it directs you to the web browser and the message is displayed.
The Secure Message login page displays the recipient email addresses in a searchable drop-down box. You can use the searchable drop-down box to open a secured message in any one of the following ways:
-
Select the required recipient email address from the searchable drop-down box.
-
Search for a recipient email address by entering any character that matches the recipient email address in the searchable drop-down box.
Note |
If JavaScript is disabled on your web browser, you will not be able to search for a recipient email address. You can only view and select the list of recipient email addresses in the searchable drop-down box. |
If you send a Secure Message to a single recipient, the “Your Address” field is auto-populated with the recipient's email address. If there are multiple recipients in the 'To' and 'CC' address fields of the Secure Message, the “Your Address” field is auto-populated when you enter any character that matches the recipient email address in the searchable drop-down box.
Note |
If you have received the secure message as a BCC recipient, you need to select the ‘Address Not listed’ option from the searchable drop-down box and enter the recipient email address manually. |
If you have already enrolled with the service, the Open button appears. Click the Open button to decrypt the content and view your message.
If you have not enrolled with the service, you will be directed to enroll and create a user account before you can enter your password. If your email address is not associated with a user account, the message may display a Register button. In that case, click the Register button to enroll with the service.
When you open the securedoc attachment in the received mail, the Secure Message is displayed in a web browser.
The following table describes the important features of a Secure Message highlighted in above figure.
Feature |
Description |
||
---|---|---|---|
Address fields and subject line |
The address fields identify the sender in the From: field and intended recipient in the To: field. |
||
Password field |
If the secure message is password-protected, enter your Encryption Service password to open the message. If you have not enrolled with the service, you will be directed to enroll before you can enter your password. |
||
Open button |
If you receive a password-protected message and you have already enrolled with the service, the Open button appears. Click the Open button to decrypt the content and view your message. The Open button appears only after you enroll with the service and create a user account. If your email address is not associated with a user account, the message may display a Register button in place of the Open button. In that case, click the Register button to enroll with the service. If the Secure Message was sent to you with low security, you will see an Acknowledge button instead of an Open button.
|
||
Sign in with Google button |
If you have a Google account, you need to register by clicking the Google Sig-up button. After registering, you can sign in with Google and read your secure messages. In this case, you do not have to enroll with Encryption Service or enter the Encryption Service password. |
||
Help link |
Click the Help link to access the online help for Secure Messages. The online help describes the standard and alternative methods for opening Secure Messages. It also provides a link to frequently asked questions (FAQs). |
||
Message security level |
The message security level can be low, medium, or high. The default is medium. When a message is sent with low security, you do not need to enter a password to open it. Medium security enables standard password features. When a message is sent with high security, you must always enter a password to open it, even if you previously chose the “Remember me on this computer” option. |
||
Remember Me checkbox |
Select the “Remember me on this computer” check box to have your settings remembered on your computer. These settings vary depending on the encryption profile. For example, when receiving a medium security message, you may not have to enter a password to open it, but when receiving a high security message, you will always have to enter your password. |
||
Language |
Select the language that will be used to translate incoming Secure Messages. This selection will override the language that is determined by the System Default Locale set in the BCE configuration file. |
||
Logo |
Displays the image that you chose as the custom logo for the envelope profile in Account Management > Branding > Images page in the Encryption Service application. |
For information about other Secure Message features, see the frequently asked questions (FAQs) at:
https://res.cisco.com/websafe/help?topic=FAQ
Many Secure Message components vary from each other, depending on several factors, including:
-
The sender’s account configuration.
-
The software available on the recipient’s computer.
-
Modifications that email gateways sometimes make to the encrypted message file attachment.
-
The status of the recipient as either enrolled or unenrolled with the service.
Secure Messages are dynamic, and the components of a particular message can vary over time.