- Provisioning a new Customer
- Customer Order Form
- Trial VS Certified Secure
- Developer API Toolkit
- Office Add-in Enterprise
- Web Admin Console
- User Account
- General & Feature Settings
- Secure Message Disclaimers
- Security Policies
- Registration Filters
- DLP Content Filtering
- Local Email Client Store
- API Secure Delivery
- Admin User Access Levels
- Technology & Deployment
Download Adobe Reader
Copyright 2017 Secure Messaging Apps Inc.
All rights reserved.
Provisioning a new Customer
To provision a new customer, please obtain your Cloud Command Center (CCC) credentials from your partner and login here: https://ccc.secure-messaging.com.
At a minimum, the following information is required when using the online Secure e-Form:
- Customer primary email domain.
- Customer Website, to be used for branding purposes. If a different branding should be provided, see section below to provide the required images for the configuration of the new customer.
- Main contact name and email address of the customer, or the reseller if the reseller would like to be the first point of contact (the first user to be invited).
- The Trial term is set by default to 30 days.
Branding a new Customer
Every Secure Email portal is branded for the customer to increase user adoption. The following two (2) images are required. If no images are provided, our staff will create them on your behalf based on the website URL provided with the order:
- 700*45px banner JPG – filename: ‘banner_ customername.JPG’
- 64*64px PNG – filename: ‘icon64x_customername.PNG’ (transparency OK)
Dashboard: Managing Users
Before you get started, please ensure you have access to the Web Admin Console to provision and manage your customer’s Secure Messaging platform. Please contact your account manager to obtain credentials to the Web Admin Console.
The Dashboard presents customer usage statistics. A list of users is provided, along with metrics for each user. Please use the ‘Update Statistics’ feature to refresh the information on screen. Because many statistics are available, the Dashboard automatically refreshes every 2 hours instead of providing real time analytic.
To manage users, click on their Email Address in the Dashboard to access the User Account screen:
- User Group: upgrade or downgrade users by selecting from the available list of User Groups. Click here for a list of defaults available User Groups.
- Status: A user status can be set to either ‘Enabled’ or ‘Disabled’:
- Enabled Users can access the Secure Messaging platform based on their User Group assigned.
- Disabled Users cannot access the Secure Messaging platform, and do not count for billing purposes. To preserve auditability, users cannot be deleted.
- Blacklist Mode: Select whether the blacklisted keywords and regular expressions apply to this User for secure messages or both secure and unsecure messages (when using MS Outlook).
- Default Secure: Select whether the default secure keywords and regular expressions should apply to this User, and if so, based on the rules as defined under the Security Policies Sections of the Web Admin Console, or always. The latter requires certain users to always send every message secure, whether the user selects to send messages secure or not.
- Reset Password: To reset a user’s password, click the button to send a password reset email notification to the User. For security reasons, administrators cannot set passwords on behalf of users.
- Resend Notifications: If the user has not registered yet, you can use the button to ‘Resend Invitation’. For users that have registered and installed the MS Outlook Toolbar, use the ‘Send Outlook Activation’ button to help them establish a secure connection within MS Outlook. Note that these two options are available to the user within their account. These actions in the Web Admin Console are there for troubleshooting purposes only, and do not need to be triggered in order for the user to get started.
Managing User Email Aliases
In some cases, I.T. administrators set up what is referred to as ‘email aliases’ for a user email account so that any message sent to ‘firstname.lastname@example.org’ will get rerouted to ‘email@example.com’ (as an alias of the former, for example).
95% of all support requests come as a result of a user having email aliases. Since the Secure Messaging platform is all about security, it does allow a secure message to be decrypted when a secure message is sent to an alias email of the main MS Outlook default email account. Professional users can self-configure their email aliases in the Webmail Portal. Guest users cannot configure email aliases. Using the Webmail Portal also allows Professional users to have several email accounts available all within the same secure account.
Users can either define their own email aliases in the Account Preferences section of the Webmail Portal, or an administrator can trigger the process on their behalf. Creating aliases for users will send them a basic email notification to that email account to validate ownership of the email address. Users must confirm that they legitimately own the email address by clicking a confirmation link in the email notification that is sent. Most users do not need to set up email aliases, and a proper deployment plan should account for this configuration early on with the customer.
If the Email Alias module is enabled on the Secure Messaging platform, there are no additional ‘per user’ cost for each email aliases; it is included in the price of the Professional user license.
Features of the Secure Messaging platform can be enabled per customer. Note that enabling some of these features may incur additional fees. Features must be enabled in the section in order to be available for each User Group (even if the same feature is enabled in the User Group, this section takes precedence).
Use this section to change the default link of the banner in the Secure Webmail Portal, and change the Login screen message. For resellers, please keep your demo default Secure Messaging platform up to date with the latest messaging you require, as every new customer’s default messaging will be inherited from your default account.
Use this section to add legal message disclaimers that will be appended to every secure message, and their notification. The injection of these disclaimers is done at the server level, overriding personal user preferences.
To comply with the CAN-SPAM Act, enter the mailing address of the customer in the format ‘This secure message sent by ABC Medical, 1234 ABC Street, NY, NY’.
Default User Groups
Select the default User Group that users will inherit when they first register with the Secure Messaging platform. Note that these defaults can be overridden in the section below under ‘User Registration Filters’. Set the default registered User Group to the one that will be most used for the users of the Secure Messaging platform. Administrators can manually upgrade each user to grant additional privileges (with a more permissive User Group) if required.
Use this section to define the various timeouts associated with a user session (when using the Webmail Portal, Mobile Apps), how long a user has to reset a password after the reset password action is triggered, and how long a user has to enter their authorization code when registering after they have completed the first registration step.
User Registration Access
The Secure Messaging platform can be configured to be ‘Open’ access and let any new users join freely (self-registration without restrictions or requiring an invitation from an existing Professional user). This Open access mode is ideal for customer facing activities. Alternatively, it can be set to be ‘Controlled Access’ whereby the Administrator must white list each email address or email domain manually.
With either setting, ‘By Invitation Only’ can be enabled (recommended), meaning that self-registration will not be possible; new users must be invited by an existing ‘Professional User’ in order to gain access to the Secure Messaging platform. This setting is recommended in most cases to avoid random strangers from joining your Secure Messaging platform and taking advantage of its many features.
There are three levels of authentication for newly invited Users. The default, ‘Level 1 Security (Get the Invitation – Quick Registration)’ only requires new Users to obtain a valid invitation from a Professional User, click the link in the invitation message and choose a unique password. Turning off ‘Allow Quick registration’ engages ‘Level 2 Security (Confirm Email Address – Registration)’ and requires users to first select a unique password, and enter an authorization code that is sent via basic email to the user’s email account. The third, ‘Level 3 Security (Challenge Response Authentication – CRA)’, requires that the newly invited users enter a secret pass code as entered by the Professional User that invited them before being able to complete the registration and access their secure messages. Domains can be excluded from CRA in the next section.
Membership Registration Filters
This section allows the administrator to set rules to either ‘white list’ (allow) or ‘blacklist’ (disallow) email addresses or domains from registering with the Secure Messaging Platform, and set a default User Group per domain.
- Type: Enter whether the new rule applies to a domain (e.g. @yourcompany.com) or to a specific individual email address.
- Domain VS Individual: enter either the domain or the email address for this rule. Only one instance can be entered per rule.
- Access: Specify whether this rule allows or denies registration to the Secure Messaging Platform.
- User Group: If allowed, specify the default User Group.
- CRA Authentication: Specify whether the CRA applies to this specific domain (CRA must be enabled first).
- API Secure Delivery: Check this option if Email Archiving is enabled for this customer. All secure messages received and sent from this domain will be automatically archived (decrypted) through the API output (Secure API Delivery must be enabled first).
- Share Sent Items Read Rights: Use this feature to allow all users that are part of this specified domain to share sent secure messages reading rights (e.g. will authenticate based on domain instead of email address). This feature is required when sent secure messages are store in third party CRM or ERM systems where other staff will require to the stored .MSG file at a later date. This option also enables sharing / viewing of the Delivery Slip details by all users of this same email domain.
The Content Filtering section allows administrators to define keywords, regular expressions or email domains that trigger either the blacklisting or default secure if they are contained in messages. Some default regular expressions are available via lexicons (checkboxes). To force every message containing a file attachment to be sent secure, check the option labeled ‘Messages with File Attachments’. Content filtering is configurable per Professional User under the Dashboard section of the Web Admin Console.
Note: Making changes to the rules may take a few minutes for the MS Outlook Toolbar to receive the latest rule sets. To trigger the new definitions, simply select a secure message in your MS Outlook Inbox (or refresh the Delivery Slip).
Local Email Client Store
This section allows administrators to specify behaviors with MS Outlook Toolbar content storage.
- Enable Local Store: Allows secure messages to be stored decrypted locally in the email server (e.g. MS Exchange, PST File).
- Auto-Retrieve Attachments: Automatically downloads and stores file attachments in the local store (e.g. MS Exchange, PST File). Specify the maximum file attachment size that should be automatically downloaded. Other larger files will remain available only on the Cloud server. Requires ‘Enable Local Store’ feature.
- Auto-Retrieve Sent Items: Automatically decrypts sent messages and stores them in the local store (e.g. MS Exchange) (preferred). Requires ‘Enable Local Store’ feature.
- Enable Webmail Sent Items Sync with Local Store: Automatically syncs sent items from the web and mobile enabled Secure Message Center and Mobile Apps with the local store (e.g. MS Outlook and MS Exchange).
Unless provided by your reseller, it is recommended that you create an Admin Support email address with your corporate email domain (e.g. firstname.lastname@example.org) and invite that email address to the Secure Messaging platform. A default support email address is provided when the Secure Messaging platform is first configured. This support email address is used for sending all system notifications and invitations to new users. If you do not have a support email address, leave the default as set by your account manager. This support email address is also used when users report an error (all issues reported through the various access programs will be forwarded to this support email address). Use the ‘Default Invite Message’ section to change the default welcome notification message new users see when receiving a secure message for the first time.
Use this section to change the default Welcome message new Users will see when first logging in to the Webmail Portal. Resellers, please add your marketing promotions in this ‘Welcome Message’ that will be visible to all users of your customers.