LuxSci as Secure Connector for Gmail = LuxSci Email Encryption for Google

June 8th, 2015

Gmail and Google Workspace users can route their outbound email through LuxSci to take advantage of SecureLine email encryption, which enables HIPAA compliant sent messages, plus LuxSci’s extensive outbound email management tools.  If you prefer the Google interface or need to use it for some reason, but require encryption and/or compliance, you can meet your needs by adding on LuxSci.

Google Apps

What Google Doesn’t Provide

If you subscribe to regular Gmail, or even Google Workspace and get Google’s version of “HIPAA Compliance”, you don’t get email encryption as part of the deal.  In fact, with “HIPAA Compliant” Google Apps, sending email is in fact not compliant unless you separately purchase a very expensive email encryption option from Google (which they don’t even tell you about), or unless you use a third party HIPAA compliance solution to encrypt your outbound email.  See: Google Apps HIPAA Compliance Gotchas: Email encryption not included and higher price.

LuxSci as a Third-Party Solution

Google Workspace users can configure their accounts to use a third party “SMTP Relay”.  Once set up, all email messages sent from addresses so-configured are routed from Google to the third party’s email server (e.g. LuxSci in this case).  To LuxSci, it looks like you have connected securely from some email program to send outbound email. It just so happens that the “email program” in this case is Google.

Once LuxSci authenticates you and receives the message, it performs all of the usual outbound email processing tasks that have been setup for your LuxSci account.  These could include:

  1. Encryption: HIPAA-compliant outbound email encryption
  2. Capturing: Sending copies of outbound email to another address
  3. Tag Lines: Adding custom tag lines and/or disclaimers to all outbound email
  4. Content Monitoring: Scan outbound email for specific text or regular expressions and block or encrypt matching messages.
  5. Recipient Restrictions: Controlling to whom messages can be sent
  6. Outbound Email Filtering: Combined with our Premium Email Filtering, you can have outbound email scanned for viruses, content, and other unwanted features
  7. Archival: Archive copies of all outbound email for compliance and/or business purposes.
  8. Tracking: LuxSci tracks the delivery status and properties for each message to each recipient.  Once your email is relayed through LuxSci you can view reports on this and/or have emailed digests sent to you to monitor your messages.  This includes message sending failures, as well as FeedBack Loops with ISPs.

Getting Setup Up: Google Workspace + LuxSci

Once your Google Workspace account has been set up, your administrator should be sure that “Outbound Relaying” is permitted for the account users.

Next, purchase a LuxSci Secure Connector account.

Add any additional features and settings that you may need, such as:

  • HIPAA compliance
  • Email archival
  • A number of users equal to the number of people that will be relaying through LuxSci from Google
  • Specify the domain name(s) for the email address(es) that these people will be using for relaying through LuxSci

Once your LuxSci account has been set up and the users created, your individual Google users can add this as a new account in their Gmail interface.

To setup an outbound relay at Google through LuxSci, follow these instructions in your LuxSci account.

Once you’ve added and confirmed your LuxSci SMTP account, you will be able to select me@mydomain.com as the From address of messages you compose in Google. Any message sent using this From address will automatically be relayed through your LuxSci secure SMTP server.  You can read this help online, with specific settings filled in for your account here.

Things to Watch Out For!

SPF Records: Google likes you to add SPF records for your domain to validate which servers are allowed to send email for your domain.   If you use LuxSci as described here, you will need to add LuxSci to your SPF record as well.  Simply add “include:luxsci.com” inside of your existing SPF records, and you will be all set.

Google really provides very little administrative control to assist in assuring that compliance is properly met.  So, if you go this route (rather than getting email services directly from LuxSci, for example), be sure to cover all of this in your HIPAA training and internal security requirements so that your employees know exactly what they should and should not do.  Also, institute some means of reviewing each user’s individual Google login to be sure that the settings meet your internal guidelines.  This kind of review should be periodic, and even better, somewhat random (like a drug test).

LUXSCI