Attachments or the entire e-mail are securely encrypted as a ZIP package or in a PDF file, the password is automatically transmitted via text message.
What types of encryption are there?
IS-FOX Encrypt encrypts e-mails and attachments as ZIP package or PDF file. When encrypting as ZIP package you have the following options for the strength of the encryption:
- “High compatibility”: IS-FOX Encrypt uses the rather weak ZIP 2.0 algorithm for encryption. The advantage is that almost every recipient can open the file without additional software. However, a ZIP 2.0 encrypted file can possibly be cracked with hacking tools and a few hours of effort. You should therefore not use this option for highly sensitive information.
- “High security”: IS-FOX Encrypt uses the strong AES-256 algorithm for encryption. The advantage is that the encrypted file can only be cracked with extreme effort, depending on the password length. However, the recipient also needs IS-FOX Encrypt or other software that can decrypt AES-256 (e.g. packing programs like WinZip, 7-Zip or WinRAR) to open the file.
PDF encryption always uses AES-256 encryption. Such a PDF file can be opened by all common PDF viewers. With PDF encryption, however, only the complete e-mail can be encrypted.
Does the recipient also need IS-FOX Encrypt?
No. In order to open an IS-FOX Encrypt encrypted e-mail, a recipient needs:
- For “high compatibility”: Only an operating system that can open ZIP files. For example, any Microsoft Windows operating system version XP or later is capable of doing this.
- For “high security”: A packing program (e.g. WinZip, 7-Zip, WinRAR, or similar) that can open a strong AES-256 encryption. 7-Zip, for example, is a suitable free packing program. If you encrypt with high security, the recipient of the e-mail will be informed that such a program is needed to open the e-mail.
If an e-mail is encrypted in a PDF file, the recipient only needs a common PDF viewer (e.g. Adobe Acrobat Reader, Foxit PDF Reader, or similar) to decrypt the file. All common Internet browsers such as Google Chrome and Mozilla Firefox already have such viewers integrated. However, these are usually not sufficient for displaying file attachments.
Of course, the recipient can also install IS-FOX Encrypt. If he does not purchase a Private or Commercial Subscription for the full version after 30 days, the encryption module simply switches off. The decryption can continue to be used indefinitely.
Our IT blocks encrypted ZIP files. What can I do?
Blocking encrypted files is a relic of earlier IT security defenses. If a file is encrypted, the virus scanner cannot look into it, since it is encrypted. That's why some IT organizations used to decide: "if we can't scan it, we won't let it in". Today this is no longer appropriate:
- Nowadays the virus scanners on the client are just as effective as the virus scanners on the e-mail server. Should the file contain malware, it would also be detected on the client during decryption. The risk would only be minimally reduced by an additional check on the server.
- Encryption of files is the only practicable way to exchange sensitive information electronically and, for example, to meet the requirements of the EU Data Protection Regulation (GDPR). Complex asymmetric solutions such as S/MIME and PGP simply do not work in everyday life for a normal user. Moreover, the virus scanner on the server cannot check e-mails encrypted in this way either. The risk is therefore just as high as with an encrypted file. But such encrypted e-mails are passed through. An incomprehensible measure for us.
You can only discuss the issue with your IT managers and encourage them to change the settings. Most IT managers follow our reasoning and rate the protection of sensitive data higher than the minimally higher risk of infection.
Is it always necessary to send a text message?
No. The sending of text messages is optional and needs to be activated separately when sending the e-mail. Most encrypted e-mails are sent without an additional text message, as the recipient has received the password via another communication channel (e.g. by telephone) or already knows it.
How are text messages sent?
IS-FOX Encrypt sends the text-message data encrypted to the IS-FOX Web Service, which then decrypts the data and transmits it (again via an encrypted channel) to one of several message providers. The text message is then fed into the GSM network and sent to the recipient.
If your Internet connection is down when you send the text message, an e-mail with the encrypted message will be generated and stored in the Outlook outbox folder. It will be sent to the IS-FOX server when the Internet connection returns and processed as outlined above.
Can the text message be sent to all international numbers?
Yes, we use message providers that serve all international networks. The text messages are sent as premium text messages, i.e. the delivery has high priority and will be tried several times if necessary.
How is the sending of text messages billed?
You buy an text message packet online in the IS-FOX Encrypt Portal (e.g. 100 text message for EUR 10 plus VAT) and can then use this message contingent.
Where are the passwords stored?
Every Windows user has a personal, encrypted database in his Windows directory. Each user can only access his own password database. Optionally, you can also install a central password database. Then all users can use the same password for an e-mail recipient.
How does the Password Manager work?
IS-FOX Encrypt stores each of your passwords encrypted in the Password Manager and shows it to you on request. A default password is created for each recipient. IS-FOX Encrypt then automatically suggests this default password the next time you send an encrypted e-mail to this recipient. You can always display each password of each encrypted e-mail, even if the e-mail is already permanently decrypted again.
Which password do I use if I want to send an encrypted e-mail to several recipients?
You can create "group passwords" in the password manager, for example for a specific customer or a specific project. If you want to send an encrypted e-mail to several members of the project, simply select the corresponding group password from the password manager.
Can multiple users access the Password Manager?
Every Windows user has his "private" password manager that only he can access. Using a Commercial Subscription, you can also install a central password manager. All IS-FOX Encrypt users can access it simultaneously and the passwords are also synchronized to the local "private" password manager. This allows users to access the central passwords even if they are not connected to the central password manager in the office.
Where can I get the installation files for the central database?
You can download the installation files here: Installation package IS-FOX Encrypt central database
Please note the installation instructions within the ZIP package. Installation and setup should be performed by an experienced IT administrator.
What system requirements does IS-FOX Encrypt need?
- Operating system: Microsoft Windows Vista, 7, 8 or 10 (in a 32 or 64-bit version) with Microsoft .NET 4.5.2 or higher and .NET Programmability support (VSTO, PIA).
- E-mail client: Microsoft Outlook 2010, 2013, 2016 or 365 / 2019.
- The central password database requires Microsoft SQL Server 2008 R2 or higher. The free Express Edition works fine.
What are .NET, VSTO und PIA and why are they needed?
- .NET is the Microsoft platform for developing and operating application programs. From Windows 8 upwards,.NET 4.5 is already included in the Windows operating system.
- The Visual Studio Tools for Office (VSTO) serve as a runtime environment for .NET applications in Microsoft Office. They have been part of the Microsoft Office package since Office 2013 and are called ".NET Programmability support".
- The Microsoft Primary Interop Assembly (PIA) is the data-exchange interface between .NET and Microsoft Office. It has been part of the Microsoft Office package since Office 2013 and is called ".NET Programmability support".
Is IS-FOX Encrypt also available for Mac OS or Linux?
No, IS-FOX Encrypt requires Windows and .NET as key components.
Does IS-FOX Encrypt need a Microsoft Exchange server?
No. IS-FOX Encrypt is purely a user-based software program for Microsoft Outlook without any components on the mail server.
Does IS-FOX Encrypt work in a terminal server environment?
Yes, Encrypt is tested and widely used for terminal server solutions (Citrix or similar). Activation of a license is easily possible in such special environments.
Does IS-FOX Encrypt also work with Office 365?
Yes and no. IS-FOX Encrypt works on the client components of Office 365 / 2019, i.e. if Microsoft Outlook is installed on the terminal. The web app from Outlook is currently not supported.
In which languages is IS-FOX Encrypt available?
IS-FOX Encrypt is currently available in German and English. The choice of language takes place automatically. A German Office system shows IS-FOX Encrypt in German while all other language versions of Office show IS-FOX Encrypt in English.
How is IS-FOX Encrypt installed?
- Single-user version: you install IS-FOX Encrypt via the set-up program. IS-FOX Encrypt checks if all the necessary components are available. Any missing components in the operation system (e.g. Microsoft .Net, PIA or Visual Studio Tools for Office) are automatically installed with IS-FOX Encrypt.
- Company-wide rollout: you can roll out IS-FOX Encrypt via your usual software distributor or Microsoft Group Policies. You also have the option of managing your IS-FOX Encrypt settings centrally via the IS-FOX Encrypt Portal.
Are administration rights needed for IS-FOX Encrypt?
Administration rights are needed for the installation of IS-FOX Encrypt. It can then be implemented using normal user rights.
What do I need to take into account when installing IS-FOX Encrypt into Office 2013/2016?
There are no independent Primary Interop Assemblies (PIA) for Office 2013/2016 that can be installed with IS-FOX Encrypt. The PIA 2013/2016 is automatically installed with Office 2013/2016 unless the component has been deliberately excluded at the installation stage. If the PIA 2013/2016 has not been installed with your Office 2013/2016 system, you can add the component manually: go to the Windows Control Panel then in Programs and Functions select Office 2013/2016 and “Change”. The “.NET Programmability Support” component must be installed underneath Outlook.
What happens if a user gets a new computer?
- For single-use computers without a Windows domain (private individuals or small enterprises): you can install IS-FOX Encrypt on the new computer and enter your licence key. Activation then takes place automatically via the e-mail address. The password database is linked to the Windows user so it can’t just be transferred to the new computer. Export your password database from the old system and import it into the new one.
- For company computers in a Windows domain: all the important IS-FOX Encrypt files and settings are stored in the user profile. If this profile moves to a new computer then all passwords and settings are kept. If the user is deleted in the Active Directory, the database can no longer be decrypted.
Which licenses are available?
- Private Subscription: contains a free unlimited license for one e-mail address for private use with a duration of one year.
- Commercial Subscription: this is a paid subscription for companies based on scaled prices depending on the license volume with a duration of one year. The Commercial Subscription allows you to centrally roll out the software and centrally manage users.
- License for decryption: Recipients can install and use the 30-day demo version for private or business purposes. After 30 days, the encryption module will deactivate itself. The decryption can be used free indefinitely.
Is IS-FOX Encrypt licensed by user or device?
Licensing is based on e-mail addresses. For example, the user John Doe can license IS-FOX Encrypt to his e-mail address firstname.lastname@example.org. He can install IS-FOX Encrypt on any number of devices, but only use it with that e-mail address.
How is the e-mail address verified?
- Private Subscription: IS-FOX Encrypt uses the e-mail address with which you registered in the IS-FOX Encrypt Portal. Therefore, if you have registered with email@example.com on the IS-FOX Encrypt Portal, you can only connect your IS-FOX Encrypt license to this e-mail address. You can change the e-mail address on the Portal at any time to associate your license with another private e-mail address.
- Commercial Subscription: IS-FOX Encrypt uses the domain of the e-mail address with which you registered in the IS-FOX Encrypt Portal. Therefore, if you have registered with firstname.lastname@example.org, you can connect your IS-FOX Encrypt licenses to all e-mail addresses in the domain "mycompany.com". You can add as many additional domains as you like (mycompany.com; subsidiary.com; mycompany.eu) under "Settings" in the IS-FOX Encrypt Portal.
- License for decryption: to decrypt IS-FOX Encrypt e-mails no verification of an e-mail address takes place.
What does "connect" mean?
IS-FOX Encrypt connects to the license server after entering the license key and assigns the e-mail address to the license. Afterwards the software is officially activated for use. IS-FOX Encrypt checks the validity of the license periodically.
Is activation mandatory?
The demo version does not require activation during the 30-day period. Activation is required to use the encryption module after the demo period has expired. The decryption can be used without activation.
IS-FOX Encrypt is not showing or loading in Outlook.
You’ve installed IS-FOX Encrypt and are starting up Outlook but IS-FOX Encrypt is not displayed. In this case, please open the Outlook Add-in dialogue:
- Outlook 2007: Extras menu – Trust Center - Add-Ins
- Outlook 2010 and 2013 file - Options - Add-ins
Outlook Add-in dialogue
- IS-FOX Encrypt is listed under inactive add-ins:
- Select “Go to - COM Add-in" in the add-in dialogue and activate the tick in front of IS-FOX Encrypt. The “Load behaviour” should be “Load at startup”. Confirm with OK. IS-FOX Encrypt should now be loaded. If not, open the add-in dialogue again via "Go to - COM Add-in", tick IS-FOX Encrypt and check the load behaviour message. If an error is displayed (... a runtime error occurred), this means that a necessary Microsoft component (.NET. VSTO, PIA) is faulty.
- IS-FOX Encrypt is listed under deactivated add-ins:
- If, for whatever reason, Outlook closes unexpectedly (e.g. it crashes), Microsoft makes the add-in that was running at the time of the crash responsible for it, regardless of whether the add-in was actually responsible or not. In this case, Microsoft deactivates the add-in. Select "Go to – Deactivated elements" in the add-in dialogue and re-activate IS-FOX Encrypt (= release it from the exclusion zone). IS-FOX Encrypt will then initially be listed under “Inactive add-ins” and must then be activated as set out above.
- IS-FOX Encrypt isn’t listed at all:
- An installation error has clearly occurred. Please re-install IS-FOX Encrypt.
The mobile phone number of a recipient isn’t showing, even though it’s listed in Outlook Contacts
This behaviour can occur if you use Microsoft Exchange and write to a recipient who is also listed in the Microsoft Exchange global address list (GAL). Outlook differentiates between the e-mail addresses in the Exchange GAL and the local Outlook Contacts list. This isn’t obvious when you type an e-mail address, however, so it may be that you’re writing to a “Sam Sample” and, while you’re typing, the “auto-complete” applies the address for Sam Sample in the Microsoft Exchange address list. If no phone number has been stored there, no phone number will appear, even if the same e-mail address with a phone number is stored in the local Contacts list.
Solution: Use the “To…” button to select the recipient from the local Outlook Contacts list or enter the mobile phone number once in the Exchange address list. IS-FOX Encrypt will then assign this number to the e-mail address.
We are planning a function extension for a future version of IS-FOX Encrypt so that all available address books are searched automatically.
Can I combine IS-FOX Encrypt with IS-FOX Classification?
Yes, IS-FOX Encrypt is an integral part of IS-FOX Classification. If you classify an e-mail as confidential, encryption is automatically activated.
Can I use Encrypt and S/MIME in parallel?
Yes, with IS-FOX Classification you can configure S/MIME as the main encryption and Encrypt as a fall-back solution. This means: if an e-mail can be encrypted via your existing S/MIME solution (sender and recipient certificates are available and valid), S/MIME is used. If the S/MIME encryption would fail (a certificate is missing or invalid), the user will be informed and recommended to encrypt the email with IS-FOX Encrypt instead.
Can I upgrade from IS-FOX Encrypt to IS-FOX Classification?
Yes. the previous license costs will be fully credited to you.