EdbMails Backup file at rest are encrypted using 256-bit Advanced Encryption Standard (AES). To protect data in transit between EdbMails application and Exchange servers, EdbMails uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. Similarly, data in transit between application and the hosted Exchange server is encrypted via SSL/TLS.

Key management

EdbMails key management infrastructure is designed with operational, technical, and procedural security controls with very limited direct access to keys. Encryption key generation, exchange, and storage is distributed for decentralized processing.

EdbMails manages file encryption on users’ behalf to remove complexity, support advanced product features and enable strong cryptographic control. File encryption is protected by production system infrastructure security controls and security policies. Access to production systems is restricted with unique SSH key pairs, and security policies and procedures require protection of SSH keys. An internal system manages the secure public key exchange process, and private keys are stored securely.