About the Cisco Secure Email Encryption Service (CSEES)

Prior to December 12, 2020, Cisco Secure Email Encryption Service (CSEES) was known as Cisco Registered Envelope Service (CRES).

Indiana University uses the Cisco Secure Email Encryption Service (CSEES) to provide protection of certain sensitive information when it leaves the IU network. IU (including the IU Health Sciences community) uses the Cisco Data Loss Prevention appliance (IronPort) to encrypt email containing certain sensitive data, including identifiable medical, personal, and financial information; see About sensitive data at IU and About protected health information (PHI).

All outbound messages from IU mail servers to external recipients are scanned for certain potentially sensitive information; if the scan determines that the message is likely to contain sensitive data, it is encrypted, and the recipient is sent email with instructions for accessing and reading the message (see Read a CSEES-encrypted message).

  • Only outbound mail is affected. Mail that stays within the IU network (for example, from one Exchange user to another) is not affected.
  • Mail scanning is automatic. All relevant messages are scanned, and will be encrypted if they are found to contain protected types of information. However, you may ensure that your message will be encrypted by including [Secure Message] (case insensitive, with square brackets) in your subject line; see Ensure that mail sent from your Exchange account to an outside address is encrypted by CSEES.
  • Attachments are encrypted. If an email message or any of its attachments are found to contain sensitive data, the message and all attachments are encrypted. However, not all file types can be scanned and therefore trigger automatic encryption; if you send any type of message or attachment containing sensitive data, you should force encryption by including [Secure Message] (case insensitive, with square brackets) in your subject line as above. Note that attachments over 100 MB cannot be encrypted and sent by CSEES; see Email message size limits.
  • Each recipient address only needs to register once.
  • CSEES-encrypted mail sent to mailing lists cannot be viewed. See About CSEES-encrypted messages sent to mailing lists.
  • You can manage secure messages after they have been sent. By registering your IU email address with CSEES, you can lock and unlock sent messages, or add or remove expiration dates. See Prevent a recipient from reading a secure, CSEES-encrypted message you have sent.
  • You can forward and reply to messages securely. By forwarding or replying from within CSEES, you can ensure that the sensitive content remains secure; see Replies and forwarding for CSEES-encrypted messages.

For more about CSEES, see Cisco's About Secure Messages and Secure Message Help pages. You can also click Help when on the Cisco site to read context-sensitive help.

If you have problems reading an encrypted message, see If you can't read a CSEES-encrypted message or contact your campus Support Center.

If your outbound email message was encrypted and you don't think it should have been, see If IronPort encrypts your outbound email.

This is document bbtq in the Knowledge Base.
Last modified on 2022-12-13 13:29:47.