The attachments or entire e-mail are encrypted securely in ZIP flies. The password is automatically sent as a text message to the recipients smartphone.
What types of encryption are there?
IS-FOX Encrypt always encrypts as a ZIP package. You have two options regarding encryption strength:
- “High compatibility”: IS-FOX Encrypt uses the weaker ZIP 2.0 algorithm to encrypt. The advantage is that almost all recipients can open the file without needing any additional software. However, a file encrypted using ZIP 2.0 can be cracked with hacking tools in the space of a few hours, so you should avoid using this option for highly sensitive information.
- “High security”: IS-FOX Encrypt uses the strong AES-256 algorithm to encrypt. The advantage is that the encrypted file can only be cracked with a lot of time and immense effort, depending on the password length. However, the recipient also needs IS-FOX Encrypt or another software program that can decrypt AES-256 (e.g. package programs such as Winzip, 7-zip or WinRar) in order to open the file.
Does the recipient also need IS-FOX Encrypt?
No. Encrypting e-mails with IS-FOX Encrypt makes the recipient’s everyday work life simpler, for example because the password is pre-set and e-mails can be encrypted permanently. In order to open an e-mail encrypted with IS-FOX Encrypt, a recipient needs:
- For “high compatibility”: only an operating system that can open ZIP files. Every Microsoft Windows operating system from the XP version upwards can do this, for example.
- For “high security”: a package program (e.g. Winzip, 7-zip, WinRar or similar) that can open files encrypted using the strong AES-256 algorithm. 7-zip, for example, is a suitable package program that is free of charge. If you encrypt on a “high security” basis, the e-mail recipient will be informed that this type of program is needed to open it.
Of course, the recipient can install IS-FOX Encrypt, too. If he does not purchase a license (private or business) after 30 days, the encryption module simply switches off. The decryption module and password database can be used indefinitely.
Our IT blocks encrypted ZIP files. What can I do?
Blocking encrypted files is a relic of former IT security defense strategies. If a file is encrypted, the virus scanner cannot see inside, because it is encrypted. That's why some IT organizations decided in former times: "if we can't scan it, we won't let it in". This is no longer state of the art:
- Today, the virus scanners on the client are just as effective as the virus scanners on the e-mail server. If the file would contain malware, it would also be detected at the client during decryption. The risk would be reduced only marginal by an additional check on the server.
- Encryption of files is the only practicable way to exchange sensitive information electronically and, for example, to meet the requirements of the EU General Data Protection Regulation (GDPR). Complex asymmetric solutions, such as S/MIME and PGP, simply do not work in everyday life for normal users. And by the way: the virus scanner on the server cannot check encrypted PGP or S/MIME e-mails either. The risk is the same as with an encrypted ZIP file. But such encrypted e-mails are o.k.?. That's incomprehensible to us.
You can only talk to your IT department about the topic and ask them to change the settings. Most IT managers follow our argumentation and value the protection of sensitive data higher than the minimally higher risk of infection.
Is it always necessary to send a text message?
No. The sending of text messages is optional and needs to be activated separately when sending the e-mail. Most encrypted e-mails are sent without an additional text message, as the recipient has received the password via another communication channel (e.g. by telephone) or already knows it.
How are text messages sent?
IS-FOX Encrypt sends the text-message data encrypted to the IS-FOX Web Service, which then decrypts the data and transmits it (again via an encrypted channel) to one of several message providers. The text message is then fed into the GSM network and sent to the recipient.
If your Internet connection is down when you send the text message, an e-mail with the encrypted message will be generated and stored in the Outlook outbox folder. It will be sent to the IS-FOX server when the Internet connection returns and processed as outlined above.
Can the text message be sent to all international numbers?
Yes, we use message providers that serve all international networks. The text messages are sent as premium text messages, i.e. the delivery has high priority and will be tried several times if necessary.
How is the sending of text messages billed?
You buy an text message packet online in the IS-FOX Encrypt Portal (e.g. 100 text message for EUR 10 plus VAT) and can then use this message contingent.
Where are the passwords stored?
Every Windows user has a personal, encrypted database in his Windows directory. Each user can only access his own password database. Optionally, you can also install a central password database. Then all users can use the same password for an e-mail recipient.
How does the Password Manager work?
IS-FOX Encrypt stores each of your passwords encrypted in the Password Manager and shows it to you on request. A default password is created for each recipient. IS-FOX Encrypt then automatically suggests this default password the next time you send an encrypted e-mail to this recipient. You can always display each password of each encrypted e-mail, even if the e-mail is already permanently decrypted again.
Which password do I use if I want to send an encrypted e-mail to several recipients?
You can create "group passwords" in the password manager, for example for a specific customer or a specific project. If you want to send an encrypted e-mail to several members of the project, simply select the corresponding group password from the password manager.
Can multiple users access the Password Manager?
Every Windows user has his "private" password manager that only he can access. Using a commercial license, you can also install a central password manager. All IS-FOX Encrypt users can access it simultaneously and the passwords are also synchronized to the local "private" password manager. This allows users to access the central passwords even if they are not connected to the central password manager in the office.
Where can I get the installation files for the central database?
You can download the installation files here: Installation package IS-FOX Encrypt central database
Please note the installation instructions within the ZIP package. Installation and setup should be performed by an experienced IT administrator.
What system requirements does IS-FOX Encrypt need?
- Operating system: Microsoft Windows Vista, 7, 8 or 10 (in a 32 or 64-bit version). Any additional components that are needed (Microsoft .NET 4.5, VSTO, PIA) will be installed with IS-FOX Encrypt as required.
- E-mail client: Microsoft Outlook 2007, 2010, 2013 or 2016.
- The central password database requires Microsoft SQL Server 2008 R2 or higher. The free Express Edition works fine.
What are .NET, VSTO und PIA and why are they needed?
- .NET is the Microsoft platform for developing and operating application programs. From Windows 8 upwards,.NET 4.5 is already included in the Windows operating system.
- The Visual Studio Tools for Office (VSTO) serve as a runtime environment for .NET applications in Microsoft Office. They have been part of the Microsoft Office package since Office 2013.
- The Microsoft Primary Interop Assembly (PIA) is the data-exchange interface between .NET and Microsoft Office. It has been part of the Microsoft Office package since Office 2013.
Is IS-FOX Encrypt also available for Mac OS or Linux?
No, IS-FOX Encrypt requires Windows and .NET as key components.
Does IS-FOX Encrypt need a Microsoft Exchange server?
No. IS-FOX Encrypt is purely a user-based software program for Microsoft Outlook without any components on the mail server.
Does IS-FOX Encrypt work in a terminal server environment?
Yes, Encrypt is tested and widely used for terminal server solutions (Citrix or similar). Activation of a license is easily possible in such special environments.
Does IS-FOX Encrypt also work with Office 365?
Yes and no. IS-FOX Encrypt works on the client components of Office 365, i.e. if Microsoft Outlook is installed on the terminal. The web app from Outlook is currently not supported.
In which languages is IS-FOX Encrypt available?
IS-FOX Encrypt is currently available in German and English. The choice of language takes place automatically. A German Office system shows IS-FOX Encrypt in German while all other language versions of Office show IS-FOX Encrypt in English.
How is IS-FOX Encrypt installed?
- Single-user version: you install IS-FOX Encrypt via the set-up program. IS-FOX Encrypt checks if all the necessary components are available. Any missing components in the operation system (e.g. Microsoft .Net, PIA or Visual Studio Tools for Office) are automatically installed with IS-FOX Encrypt.
- Company-wide rollout: you can roll out IS-FOX Encrypt via your usual software distributor or Microsoft Group Policies. You also have the option of managing your IS-FOX Encrypt settings centrally via the IS-FOX Encrypt Portal.
Are administration rights needed for IS-FOX Encrypt?
Administration rights are needed for the installation of IS-FOX Encrypt. It can then be implemented using normal user rights.
What do I need to take into account when installing IS-FOX Encrypt into Office 2013/2016?
There are no independent Primary Interop Assemblies (PIA) for Office 2013/2016 that can be installed with IS-FOX Encrypt. The PIA 2013/2016 is automatically installed with Office 2013/2016 unless the component has been deliberately excluded at the installation stage. If the PIA 2013/2016 has not been installed with your Office 2013/2016 system, you can add the component manually: go to the Windows Control Panel then in Programs and Functions select Office 2013/2016 and “Change”. The “.NET Programmability Support” component must be installed underneath Outlook.
What happens if a user gets a new computer?
- For single-use computers without a Windows domain (private individuals or small enterprises): you can install IS-FOX Encrypt on the new computer and enter your licence key. Activation then takes place automatically via the e-mail address. The password database is linked to the Windows user so it can’t just be transferred to the new computer. Export your password database from the old system and import it into the new one.
- For company computers in a Windows domain: all the important IS-FOX Encrypt files and settings are stored in the user profile. If this profile moves to a new computer then all passwords and settings are kept. If the user is deleted in the Active Directory, the database can no longer be decrypted.
What types of licences are there?
- Private licence: a free licence for private use for one e-mail address.
- Commercial licence: a paid-for licence for companies; prices are staggered depending on licence scope. The commercial licence facilitates central management and rollout.
- Decryption license: recipients can install and use the 30-day trial version for private or business use. After 30 days the encryption module is deactivated. The decryption module and password database can be used indefinitely free of charge.
Is the licensing for IS-FOX Encrypt user or device-based?
Licensing is based on e-mail addresses. The user Sam Sample, for example, can license IS-FOX Encrypt on his e-mail address email@example.com. He can install IS-FOX Encrypt on as many devices as necessary but only use it with this e-mail address.
How is the e-mail address checked?
- Private licence: IS-FOX Encrypt uses the e-mail address you used to register in the IS-FOX Encrypt Portal, so if you registered in the IS-FOX Encrypt Portal with sam.sample.de, you can only link your IS-FOX Encrypt licence to this e-mail. You can change the e-mail address in the portal at any time if you want to link your licence to another e-mail address.
- Commercial licence: IS-FOX Encrypt uses the domain of the e-mail address you used to register in the IS-FOX Encrypt Portal, so if you registered with firstname.lastname@example.org, you can link your IS-FOX Encrypt licence to all e-mail addresses in the “mycompany.de” domain. You can add as many domains as necessary (mycompany.de, subsidiarycompany.de or mycompany.com) under “Settings” in the IS-FOX Encrypt Portal.
- Decryption license: there is no verification of an e-mail address for decryption of IS-FOX Encrypt e-mails.
What does “activation” mean?
After the licence key has been entered, IS-FOX Encrypt links itself to the licence server and assigns the e-mail address to the licence. The software is then officially released for use. IS-FOX Encrypt checks the validity of the licence at regular intervals.
Is activation absolutely necessary?
No activation is needed during the 30-day period of the demo version. Activation is required to use the encryption module after the demo period has expired. The decryption can be used without activation.
IS-FOX Encrypt is not showing or loading in Outlook.
You’ve installed IS-FOX Encrypt and are starting up Outlook but IS-FOX Encrypt is not displayed. In this case, please open the Outlook Add-in dialogue:
- Outlook 2007: Extras menu – Trust Center - Add-Ins
- Outlook 2010 and 2013 file - Options - Add-ins
Outlook Add-in dialogue
- IS-FOX Encrypt is listed under inactive add-ins:
- Select “Go to - COM Add-in" in the add-in dialogue and activate the tick in front of IS-FOX Encrypt. The “Load behaviour” should be “Load at startup”. Confirm with OK. IS-FOX Encrypt should now be loaded. If not, open the add-in dialogue again via "Go to - COM Add-in", tick IS-FOX Encrypt and check the load behaviour message. If an error is displayed (... a runtime error occurred), this means that a necessary Microsoft component (.NET. VSTO, PIA) is faulty.
- IS-FOX Encrypt is listed under deactivated add-ins:
- If, for whatever reason, Outlook closes unexpectedly (e.g. it crashes), Microsoft makes the add-in that was running at the time of the crash responsible for it, regardless of whether the add-in was actually responsible or not. In this case, Microsoft deactivates the add-in. Select "Go to – Deactivated elements" in the add-in dialogue and re-activate IS-FOX Encrypt (= release it from the exclusion zone). IS-FOX Encrypt will then initially be listed under “Inactive add-ins” and must then be activated as set out above.
- IS-FOX Encrypt isn’t listed at all:
- An installation error has clearly occurred. Please re-install IS-FOX Encrypt.
The mobile phone number of a recipient isn’t showing, even though it’s listed in Outlook Contacts
This behaviour can occur if you use Microsoft Exchange and write to a recipient who is also listed in the Microsoft Exchange global address list (GAL). Outlook differentiates between the e-mail addresses in the Exchange GAL and the local Outlook Contacts list. This isn’t obvious when you type an e-mail address, however, so it may be that you’re writing to a “Sam Sample” and, while you’re typing, the “auto-complete” applies the address for Sam Sample in the Microsoft Exchange address list. If no phone number has been stored there, no phone number will appear, even if the same e-mail address with a phone number is stored in the local Contacts list.
Solution: Use the “To…” button to select the recipient from the local Outlook Contacts list or enter the mobile phone number once in the Exchange address list. IS-FOX Encrypt will then assign this number to the e-mail address.
We are planning a function extension for a future version of IS-FOX Encrypt so that all available address books are searched automatically.
Can I combine IS-FOX Encrypt with IS-FOX Classification?
Yes, IS-FOX Encrypt is an integral part of IS-FOX Classification. If you classify an e-mail as confidential, encryption is automatically activated.
Can I use Encrypt and S/MIME in parallel?
Yes, with IS-FOX Classification you can configure S/MIME as the main encryption and Encrypt as a fall-back solution. This means: if an e-mail can be encrypted via your existing S/MIME solution (sender and recipient certificates are available and valid), S/MIME is used. If the S/MIME encryption would fail (a certificate is missing or invalid), the user will be informed and recommended to encrypt the email with IS-FOX Encrypt instead.
Can I upgrade from IS-FOX Encrypt to IS-FOX Classification?
Yes. the previous license costs will be fully credited to you.