Key Features

Introduction

Service Information

ZSentry, ZSentry Mail, Zmail and Sans Target are NMA trademarks since 2001. Zmail is the secure Mail module of ZSentry.

NMA ZSentry offers users online access to on-demand Services, providing for secure reception and transmission of messages electronically. Each of these Services may be web-, desktop-, server-, or mobile-based. Each Service utilizes an Interface, accessed through compatible and allowed means, such as a web-browser, an email client, or a server.

ZSentry includes three distinct ways to communicate securely, your way:

ZSentry App: the web-based way to send, read and store secure email & files with your own choice of email provider, whether or not web-based. No installation or plugin. Works in Windows, Mac, and Linux, for desktop, cloud, and phone. No setup. Also provides self-management functions, including service personalization and password reset 24/7.

ZSentry Client: if you’re not using ZSentry with a mail or cloud client you’re missing the full picture! ZSentry Client is the app-less way to send, read and store secure email & files with your own choice of mail / cloud clients. No installation or plugin. Works in Windows, Mac, and Linux, for desktop, cloud, and phone. Flexible setup options, mashing mail and cloud clients for worry-free regulatory compliance according to your environment needs. No need to login after setup.

ZSentry API: you can easily access the ZSentry “bare metal” for maximum flexibility & performance. ZSentry API is the server-side way to send, read and store secure email & files with your own choice of email server. Also works client-side. No installation or plugin. Works in Windows, Mac, and Linux, with .NET, C#, Java, PHP, PowerBuilder, and more. Works with Exchange Server and Postfix.

Centralized Administration

ZSentry Premium offers Services for centralized administration of users by an organization, while protecting user privacy.

Two Factor Authentication

This Service employs the ZSentry technology for two factor authentication of users. Upon registration to the Service, the Service authenticates the user's mailbox by cryptographic challenge-response and issues directly to the user a digital certificate (the DTC™, or Digital Transaction Certificate). The DTC is compact, mnemonic and can be typed by the user for access authorization to use the Service, as if it is a username or Usercode. The Usercode (DTC) value is unpredictable and its use is protected by a user-defined Password. Combined, the Usercode and the Password values are sufficiently unpredictable to prevent dictionary or brute-force attacks within the operational parameters. The Service does not have or maintain copies of the Usercodes or Passwords. Both the user's Name and Email address are authenticated, in a manner similar to PKIX/X.509 authentication.

User Authentication

Mutual authentication is provided first, whereby registered users start by authenticating the server in a two-phase process for SSL web access and also for SSL/SMTP access.

In the first authentication phase for SSL web access, the user submits the Usercode (the DTC). Afterwards, but before the user inputs the Password, the server using the ZSentry technology provides a Return Code (RC) for visual authentication by the user. The RC is previously known to the user but was not provided to or exists in the server. This is the second phase of the ZSentry authentication process and provides protection against server phishing and spoofing, as the ZSentry server must have the correct key to calculate the correct Return Code. If the RC displayed matches the RC known to the user, the user inputs the user-defined Password. If the Password is validated using the user's previously submitted Usercode (DTC) and a Service-supplied key (the Service-supplied key does not depend on the user), then mutual authentication is completed to grant user access and the user access keys are calculated by ZSentry.

For SSL/SMTP access, there is no spoofing concern for the user entering data at a false site. The first authentication phase is provided by verifying the user's email address, followed by Usercode/Password authentication.

The ZSentry user authentication process is done under trusted third party server-authenticated SSL access, preventing man-in-the-middle attacks. Even though SSL cannot prevent spoofing, phishing and pharming attacks, the combination of SSL and ZSentry user authentication can.

Security Online

With ZSentry technology, online message security has to do more with server availability assurance (which the Service can mitigate by server replication according to the required service level for each use) rather than assurances on data confidentiality and data integrity at the server or the user's machine.

That the Service is actually usable by users, with no prior training required, is a very important factor to assure compliance to security requirements by all personnel involved.

User authentication by ZSentry uses a two-factor strong authentication process with a Usercode / Password digital certificate. This process is a direct replacement for, and resembles, the familiar but deeply flawed username / password user authentication, which largely avoids user education and directly supports usability. ZSentry login is designed to prevent phishing, dictionary attacks (even if a user chooses a weak password), and other vulnerabilities, with no password or username lists stored anywhere, not even encrypted.

This Service uses the ZSentry Sans Target technology to protect personal and other sensitive information against inappropriate and unauthorized use and disclosure. Usercodes, Passwords and user access keys are provided by the ZSentry technology and are not stored. Audit trails, which are implemented for all Interface operations, and personal data storage, including email address book, are maintained with encrypted, de-identified numbers, which access keys are provided and secured by the ZSentry technology. Therefore, if security is breached, no user access data or personal data can be recognized or accessed.

ZSentry technology is also used to provide a proven anti-phishing solution and two-factor authentication to protect user Passwords from someone trying to guess them, in dictionary or brute-force attacks, which protection works together with the additional user access protection methods described below.

In regard to additional technology used, ZSentry's networks are protected by up-to-date firewall technology and utilizes trusted third-party certified server-authenticated SSL (Secure Sockets Layer technology) with the highest commercially available data encryption level (256 bit or at least 128 bit, as enabled) technology for transmission of all TLS/SSL transactions, including SSL SMTP and HTTPS. Servers employ power-on and user passwords, virus protection, and battery backup systems. Authorized users have restricted access to files. Operating System and security patches are current. Servers are constantly monitored for break-in attempts or other illegal activity.

Server-authenticated SSL connections are required. Users trying to connect or access without using SSL will be redirected to an SSL access page. If the SSL connection fails, the user is denied access.

For a given Usercode, brute-force attacks may be used to try and gain unauthorized access by trying to guess the ZSentry Password. To prevent such attack, the offending account will be automatically disabled after a defined number of invalid login attempts (see below for reset). Because the ZSentry Usercode must be guessed together with the ZSentry Password, and the Usercode presents an unpredictable very large number of possibilities, this protection is sufficient even if a user chooses a weak password.

Users' access can also be blocked after excessive invalid login attempts even if the Usercode is changed for every attempt.

Denial-of-Service (DoS) and brute-force attacks, which may be used to try and slow down the server or gain unauthorized access to ZSentry accounts, are also prevented. In addition to firewall rules that detect and deflect DoS before the servers, the Service uses redundant servers, spare IP numbers, and DNS fast-switching capability to detect and deflect attacks also at the server level.

DoS attacks, excessive invalid login attempts, or any other misuse attempts also trigger a defense at the user IP level, whereby users' Internet Protocol (IP) numbers are blocked after a number of attempts (which depends on the severity of the attempt). Offending user IP numbers will be automatically added to the IP access list of blocked addresses after that defined number of attempts.

In case of a defense block (as above), a security audit is triggered immediately and the block shall remain in effect until reset. The user may request the access to be reinstated, or simply wait for the Service to verify, take corrective action if needed, and restore access.

User access is disabled after excessive number of messages sent. Spam attacks may be tried to send to a large number of recipients a malevolent virus, a phishing request, or just an excessive number of messages using a ZSentry account. To prevent such access the offending account will be automatically disabled after a defined number of sent messages and shall remain in that state until the next day. Premium account users have a larger quota per day and may request access to be granted for an additional quota per day.

User access is denied for excessively large messages or attachments. Email-bomb attacks may be tried in a Denial-of-Service attempt to overflow a mailbox, to send a malevolent virus, to send a phishing request, or just to send excessively large messages or attachments using a ZSentry account. To prevent such access the offending account will be automatically blocked for that message. Premium account users have a larger size limit.

Auto logoff is enforced, with less time for more critical tasks such as user login. After user login, in case the access is left idle for a defined number of minutes, the user is logged off automatically.

Message Security

ZSentry messages are time-stamped using a time reference synchronized to atomic clocks certified by the National Institute of Standards and Technology (NIST) and US Naval Observatory (USNO). The time-stamp is visible in plaintext and is also tamper-proof, being digitally signed and encrypted with the message itself. The combination of the time-stamp evidence provided by ZSentry acting as a trusted third-party with the ZSentry two factor authentication technology provide for non-repudiation, which purpose is to prevent a party from falsely denying an act.

Messages sent by ZSentry are encrypted end-to-end using the highest commercially available data encryption level (256 bit or at least 128 bit, as enabled) technology. Messages can only be read by the authenticated sender and recipients, who are authenticated according to pre-set online identity policies that can be easily chosen by the sender, within the message's validity period.

Messages are not stored locally (in the user's computer) unless the user specifically commands the Interface to do so, either when read using the decryption Services, or as a draft being edited, or to be sent using the encryption Services. Messages can be stored locally in plaintext or encrypted.

Online Identity

The mailbox of message recipients and message senders are authenticated by cryptographic challenge-response prior to the communication, allowing the online identity of the communicating parties to be positively verified.

HIPAA

If your organization is a HIPAA Covered Entity, HIPAA compliance requires the ZSentry Premium service with at least one-year license. The Basic service does not include all the functions of the Premium service (some of them required for regulatory compliance by organizations).

The default choice for the Premium Service is HIPAA-compliant, with automatic mailbox authentication, login monitoring, and expiration control, enabling secure first-contact and reply without recipient registration. Other choices are available, and users can personalize the Service to use a different default using the Dashboard control. For example, as given below in further detail, users can require recipient registration, and also login.

Dashboard

Users can easily personalize many choices through the Dashboard control, which is protected by mandatory ZSentry two-factor authentication for access and works within controlled, safe parameters. To access, login using ZSentry App and look for the Dashboard controls at the bottom. Choices in the To/Cc bar can also be personalized. When done, users click "Dashboard > Personalize > Save" to make their choices active for the ZSentry Client and the new default for ZSentry App.

As defined through the Dashboard control:

1. Message senders can control the validity period of messages, both before and after reading is allowed, allowing senders to remotely enforce their document retention policy and copyright restrictions. Message senders can set an expiration date for their messages, forcing the zmail to "self-destruct" after the expiration period set by the sender, and thereby protecting the message from future decryption. Message senders can also set a release date for their messages, disabling recipient access until the release date is reached. To enable Secure Quick Reply (next item), the default expiration is set to 15 days (and should not be more than 31 days).
2. Message senders may allow unregistered recipients to read their messages, and also reply securely (but only to the sender) — this is called Secure Quick Reply. If the sender requests a Return Receipt, the sender can self-verify that no one else read the message before. This function is audited and logged at ZSentry, even if no Return Receipt is requested by the sender, so that evidence can be provided in a manner that is independent from the sender, supporting non-repudation. The unregistered recipient's mailbox is authenticated by cryptographic challenge-response before reading and replying is allowed. The recipient can also register to access the message, and reply with less limitations.
3. Message senders may allow registered but not logged in recipients to read their messages. The Service applies the same security and auditing provisions as described above for unregistered recipients, with the added security benefit of the signup records. The recipient's mailbox is authenticated by cryptographic challenge-response before reading and replying is allowed. The recipient can log in to access the message, and reply with less limitations.
4. Message senders may require recipients to login in order to read their messages. The Service applies the same security and auditing provisions as described above for registered recipients, with the added security benefit of the login records. The recipient's mailbox is authenticated by cryptographic challenge-response before reading and replying is allowed. The recipient can choose to log in using "1-click Access", so that the next time the recipient receives an email that requires login, and the session did not expire, the recipient just clicks to read. The recipient can end the session and reset "1-click Access" by closing the browser.
5. Messages can be digitally signed by senders, using a signing key solely under their control, to convey the benefits of a personal signature to recipients, which benefits depend on the jurisdictions involved.
6. After a ZSentry message is sent using the encryption Services, an encrypted ZSentry message copy may also be sent to the sender (Bcc) for secure storage, either automatically for all messages or by selection.  Bcc ZSentry messages are immediately released for reading and do not expire, preserving the sender's access while controlling recipients' access.
7. Senders can, automatically for all messages or by selection, prevent disclosure of the message subject in the plaintext headers, making it available only after decryption.
8. Senders may preserve the privacy of multiple recipients on the Internet (before decryption), and also to one another (after decryption). This is done by requesting the Service, respectively, to suppress the list of copied recipients in the email headers, and to send messages individually even if addressed to multiple recipients. These choices can be performed automatically for all messages or by selection.
9. Senders can request a Return Receipt from the recipient, showing the "Who, What, When, Where and How" regarding recipient information at the time the message was decrypted and read. Recipients have a choice to deny sending back the Return Receipt but only by not reading the message.

No Cookies

To preserve user privacy, the Services do not store cookies in the user's computer, except for session-only encrypted cookies that exist in computer memory for a defined time and only during that web-browser session. After the web-browser is shut down and restarted, or if the web-browser session is used past the time defined by each Service, there are no Service cookies present. All Service session cookies are encrypted and/or present only de-identified numbers.

Zero Footprint

ZSentry is a zero-footprint application. The Services do not install software, plugins, ActiveX plugins, Java, drivers, or store data in the user's computer. The Interface works using technologies already built into the web-browser, email software or other compatible means.

Read more: ZSentry Desktop and Cloud