Email Security

Email Security Highlights

• Secure Email - WebMail, POP, IMAP and SMTP encrypted using SSL; inbound email servers also support TLS for encryption on inbound email.
• Ultra-Secure Email - End-to-End Email Encryption via SecureLine.
• OpenID - Login to WebMail with certificates, hardware tokens, RSA SecurID, and other good identity verification options.
• SMTP IP Privacy - Anonymous SMTP.
• Auditing - View IMAP, POP, SMTP, and WebMail login histories for every user. Includes login IP address, connection security, and more.
• Xpress - Alternate WebMail interface that doesn't use cookies or JavaScript, for maximum security.

End-To-End Email Encryption

The SecureLine End-To-End Email Encryption Service is a service provided by LuxSci that allows its users to easily send and receive secure email messages to and from anyone on the Internet who has an email address - no matter what kind of email software or service that correspondent has and no matter how insecure that correspondent's current email services are!

SecureLine provides services compatible with PGP and S/MIME, as well as a secure message "Escrow" service that can be used to communicate securely with anyone.

See Also:

Email Security (TLS and SSL) and Privacy Features

Secure WebMail: Your passwords and the contents of all of your messages are encrypted via SSL (Secure Socket Layer) when transmitted to our WebMail application. No one can eavesdrop, and you know for sure that you are communicating with LuxSci!

Additionally, you can use our optional visual keyboard to enter your password using your mouse when logging into our WebMail portal. This tool helps you mitigate the possibility that spyware running on your computer (or the untrusted computer in the Internet Cafe that you may be using) could capture your password and deliver it to unauthorized people.

Secure IMAP and POP: Regular IMAP and POP are insecure in that your username, password, and all your messages are sent back and forth to the email server in "plain text" so anyone listening in can see your messages and discover your password. With Secure IMAP and POP over SSL, all of this information is encrypted so that no one can eavesdrop or discover your password!

Secure, Authenticated SMTP: Regular SMTP is insecure in the same way that regular IMAP and POP are, so anyone listening in can see your "plain text" messages and discover your password! With Secure SMTP, all of this information is encrypted so that no one can eavesdrop or discover your password! Our SMTP Server also requires authentication for SMTP Relaying so that you must send your username and password in order to send messages. This protects you and us from our servers being used for the sending of Spam.

Our secure SMTP services are provided via both TLS (Transport Layer Security; STARTTLS for SMTP) and SSL, and are thus compatible with all email clients that support one of these mechanisms.

Secure, Anonymous SMTP: Use our secure anonymous SMTP server to have all information about your computer, its Internet address, and your email client stripped from outgoing email messages. This provides enhanced privacy: your recipients will have no way of determining where you are sending your email from -- they will only be able to track the messages back to LuxSci's servers. Without this, recipients could use your computer address information to determine your physical location - the region, city, or even the address!

Secure Email Transmission with TLS: LuxSci's inbound email servers support "Transport Layer Security - TLS". This allows email sent to you from other companies to be encrypted and secured during transit from their servers to LuxSci's servers, assuming the sender's servers support this feature. This also means that any email internally from one user to another on LuxSci is secured during transport.

LuxSci's servers will also use TLS whenever possible for outbound email. See: SMTP TLS: All About Secure Email Delivery over TLS.

Login/Access Auditing: We track all logins to your account via POP, IMAP, SMTP, and WebMail. This includes the exact time and the IP address used, among other information. This auditing information is available to you, your account administrator, and technical support at all times. You can easily check if unwanted people or programs are logging into your accounts.

Auditing of Email Sending: We track all messages sent from WebMail, your email servers (via SMTP), and your web sites. This allows you, your administrator, and our support team to see what email messages are being sent when and from where. It also allows us to proactively stop Spam attempts -- even if they are unintentional or the result of web site insecurity. Note, records of message content are not available to your administrators or our standard support teams, so this auditing does not tread on privacy concerns.

Incoming Email Attack Guard: Attack Guard protects your messaging infrastructure from Denial of Service (DoS) attacks and other threats by the real-time monitoring and analysis of email traffic patterns. Dictionary attacks, mail bombs, email flooding and other attacks designed to interrupt service or harvest corporate or personal email addresses can be blocked with real-time detection. Additionally, the service scans the incoming Simple Mail Transport Protocol (SMTP) stream for abnormalities in protocol compliance and abuse. This service is automatically included as part of our Premium Email Filtering service.

Customizable WebMail Session Timeouts: Account administrators and users can customize their WebMail session timeout from the default of 2 hours to anything between 5 minutes and 8 hours. Account administrators can optionally enforce that user timeouts are no longer than the account-wide default.

WebMail Access Restrictions: Optionally restrict users' access to WebMail to a specified set of IP addresses or IP blocks.

Web Portal Security: Xpress

LuxSci provides an alternate secure members' web portal (the Xpress members' portal). Not only does the Xpress portal use minimal graphics for maximal speed, but it does not use cookies or JavaScript at all and suppresses some of the features of the full portal that may put you at risk, like viewing HTML attachments inline. The Xpress portal supports most of the features of the full members' portal (including WebMail, technical support, account administration, and file management facilities), and provides maximal browser compatibility and security.

It is your choice if and when you use the Xpress portal or the Full portal (which does use cookies, JavaScript and more graphics). While the Xpress portal is faster and more secure, the full portal is more user friendly and somewhat more fully featured.

See Also: About the Xpress portal.

Web Hosting Security

Web Hosting Security Highlights

• SSL: Secure web site hosting. We can provide SSL certificates for you, or you can bring your own.
• Secure Web and PDF Forms: Secure web and PDF form to email and/or secure archival service. Integrates quickly and easily with any web site hosted at LuxSci or anywhere else. See SecureForm.
• SCP and SFTP: Upload and download files from your web site or file storage location using Secure Copy or Secure FTP. This protects your username and password and the contents of your data from eavesdropping.

Account Administration Security Features

Account Administration Security Settings

Enforced use of SSL: Account administrators can choose to force their users to only connect to our email services (i.e. WebMail, POP, IMAP, and SMTP) over SSL. When the account administrator enables this option by checking a single checkbox in his/her account, all account users will be denied access to these services unless they connect over SSL-secured channels. Thus, enforcing policies regarding security use is very easy.

Password Strength: In addition to the SSL-protection of usernames and passwords, administrators can customize the required degree of complexity for user passwords. This can be anywhere from very weak to very strong (8+ alphanumeric characters that pass the "crack" password guessing criteria).

Password Expiration: Administrators can optionally force users to change their passwords after they get "too old"; one a user's password has expired services except for WebMail are auto-disabled until the user logins to reset his/her passwords. Administrators can configure the password expiration based on password age to be anywhere from 7 days to 1 year. Additionally, administrators can specify when the two emailed expiration warnings are sent to their users.

Login Session Enforcement: Account administrators can configure a maximum WebMail login session timeout for all users of anywhere from 5 minutes to 8 hours of inactivity.

Administrative Access: Administrators can delegate administrative access to other account users on a per-domain basis, as needed. Administrators can also manage multiple LuxSci accounts from a single login if needed.

SecureLine: Account administrators can enable SecureLine email encryption settings quickly and easily on an account-wide and/or domain-wide basis. This includes auto-creation of user PGP and S/MIME certificates, forced use of email encryption, inbound email auto-decryption, etc.

Maximal Security Setting

LuxSci provides account administrators with a "Maximal Security" button that allows them, in one click, to configure all of the global security options in their account to settings that ensure maximal security. This configures such things as forced use of SSL, strong passwords, and forced use of SecureLine (if you have purchased it) with S/MIME certificates.

Account managers can also contact support to have these settings "Locked Down" so that no one in the account can alter them without contacting support directly, getting approval, and leaving an audit trail.

If you want maximal email security and the assurance that it is setup correctly and cannot be circumvented, this is for you.

Collaboration Security Features

LuxSci's WebAides allow you to create a variety of collaboration instruments such as Blogs and file archives. LuxSci ensures the security of your data in many ways, including:

• PGP Encryption. You can choose to encrypt individual Blog entries and Files using PGP encryption. Supports the creation of personal and group PGP keys, the specification of the recipients of encrypted data on a per-entry basis, and the verification of digital signatures on all encrypted content. Entries encrypted via PGP are very secure. Even the LuxSci technical staff cannot access their content without access to your PGP key password (which is never saved in plain text on our servers).
• Access Tracking. You can enable access tracking on your Blogs so that users can see, for every entry, who created or edited the entry and when.
• Security & Access Control. Only people with a login to Lux Scientiae's web site can possibly access your WebAides (they are not public). You can also determine exactly who has permission to view your WebAides, add entries, edit entries, make comments, and administer your Blog. You can specify this per user, per user group, per domain, and/or per account. You can share your WebAides with other members of your account and/or members of other LuxSci accounts -- you decide.

HIPAA Security Features

As far as HIPAA, the Health Insurance Portability and Accountability Act, is concerned, email compliance implies "securing patient records containing individually identifiable health information so that they are not readily available to those who do not need them". It does not specify what technologies must be used to do this, leaving that decision up to the individual health care organizations.

LuxSci allows health care and other organizations to meet and exceed these goals by providing:

• Encrypted communications ensuring that no one can eavesdrop on your WebMail or email sessions.
• Login auditing so that you can track who accessed what services when and from where.
• Strict privacy policies ensuring that no one will access your data without your explicit consent.
• Secured servers ensuring that no one except you has access to your email data.
• Easy integration: LuxSci's security services work with any modern web browser or email client and are simple to configure.

See also:

• Email for Regulatory Compliance and HIPAA.

• SecureForm - Secure Web and PDF form to Secure Email service

• What Makes a Web Site HIPAA-Secure?
• What HIPAA Says about Email Security
• Is a FAX document HIPAA-Secure?

Pricing

Choose a package or build your own

• View Packages

 Dedicated server options

• Dedicated Server Options

 Pricing information and questions

• Free Price Quote

 Try before you buy

• Free Trial Account

 Get personalized help

Need help placing an order? Prefer speaking with a member of our sales staff? Request a Sales Callback or Contact Us.