Published: 14 Apr 2016

The Voltage SecureMail product provides email encryption capabilities for enterprises. For all editions of Voltage SecureMail, this includes automatic policy-based encryption for outbound emails; for some editions, this also includes user-selected email encryption, automatic encryption of email between internal users, and file encryption.

Voltage SecureMail comes in several editions, including the following:

The rest of this article will assume the use of the Voltage SecureMail Enterprise Edition.

The three editions described above are all deployed within the enterprise's own facilities. Voltage also offers cloud-based email encryption through its Voltage SecureMail Cloud product, which is available in an Enterprise Edition for enterprise usage. Note that the SecureMail Cloud Enterprise Edition is not equivalent to the SecureMail Enterprise Edition in terms of functionality.

In terms of platform support on the server side, Voltage SecureMail is compatible with any email server because it's deployed as a gateway placed after the email server.

For sender-selected or sender-implemented email encryption, Voltage SecureMail only supports Microsoft Outlook. Organizations that wish to allow senders to control at least a portion of the encryption process must either already be using Microsoft Outlook or must migrate affected email users from their current email clients to Outlook.

The Voltage SecureMail product provides email encryption capabilities for enterprises.

Voltage SecureMail uses the Advanced Encryption Standard (AES) encryption algorithm in Cipher Block Chaining mode. The website for Voltage SecureMail does not state publicly what the product's AES key length is, but it must be at least 128 bits because that is the smallest possible key length for AES. The preferred key length for AES is currently 256 bits. Prospective customers are encouraged to ask Voltage how long SecureMail's AES keys are and to make this information publicly available.

Similarly, Voltage does not state on its website whether its products are Federal Information Processing Standard (FIPS) compliant, meaning they have been validated against a suite of third-party tests to confirm that encryption meets basic requirements. Although the FIPS website says Voltage as a company has received FIPS compliance certification, it is not clear whether this certification covers the Voltage SecureMail product. Prospective customers should ask about this when evaluating products.

As described above, through the use of the SecureFile add-on, file encryption can remain with a file even after the file is removed from the original email. This add-on also supports large file transfers. These features can take the place of alternative secure file transfer mechanisms in some cases, streamlining operations and improving their security.

Licensing information for Voltage SecureMail is not publicly available. However, a free trial of Voltage SecureMail Cloud is available.

Voltage SecureMail provides a variety of email encryption solutions for enterprises. Although this article covers the Enterprise Edition, the other editions may be a better fit for many organizations, particularly those with lesser requirements for email encryption. Voltage SecureMail is compatible with any email server, but if client-side support is needed, only Microsoft Outlook is supported. This is not an atypical situation, as the majority of email encryption products support Microsoft Outlook only. Voltage SecureMail also offers a SecureFile add-on that offers extra file encryption options that may take the place of secure file transfer mechanisms in some environments.

Encryption performed by Voltage SecureMail meets minimum strength requirements (i.e., the AES algorithm), but the product website does not state the AES key length nor does it declare FIPS compliance. Likewise, licensing is not covered by the website. Make sure to get information on these from the vendor before making a purchasing decision. Although Voltage SecureMail looks like a robust, flexible and strong solution for enterprise email encryption, without this missing information it's not feasible to make an informed decision about its acquisition.

the basics of email encryption software in the enterprise

In part two of this series, take a look at email encryption software from a business perspective

In part three of this series, learn about the procurement process for email encryption software

Learn how to secure Microsoft Exchange-based email with Exchange TLS

Check out our buyer's guide on email security gateways