Symantec, a leading Cyber Security Vendor, includes a feature that allows an organization to exchange sensitive data in a secure manner without the need to install any software or exchange any keys for encryption. This is done with the Web Email Protection functionality, which is a secure web inbox similar designed to exchange information with only the organization hosting this service.  Once enrolled to your Web Email Protection account, any further email sent to you from such an organization is accessed through an internet browser, such as Chrome or Firefox.  This article will cover the following features within Web Email Protection:

• Creating a Web Email Protection Account
• Editing Messages
• Changing and recovering your passphrase
• Changing future message delivery settings

Creating a Web Email Protection Account 

To start using Web Email Protection, you will receive an email invite from the organization hosting the PGP Encryption Management Server.  The email invite you receive will direct you to click a link to read the email message. This link will help you establish your secure Web Email Protection account. The basic steps to do so are listed below:

 

1. Click the link in your email.  The email will have the appears of the following link, however, it will be specific to the organization you do business with:
   https://keys.example.com/b/[email protected]&n=2FXBdOM0FY7ryjOqUW6rrQ). This will open your default internet browser and take you to the passphrase creation screen.
2. Enter a new passphrase. Make note of the passphrase recommendations. Following the recommended guidelines for passphrase creation will help protect your information.
3. Confirm the new passphrase, and click Continue.
4. Select the Web Email Protection delivery option, and click Choose Option. The Inbox will then appear, and email can be read. 
   
   
   Important: Any future emails you receive from this organization will be sent to your secure inbox.  The emails themselves will not contain the sensitive information, but will include a link to login to your inbox to obtain this information.   The following screenshot is a basic look and feel for Web Email Protection, although your vendor may customize this to match their own branding:
   
   
   Any information you need to send back should always be done via your secure Web Email Protection inbox and not via the email you received with the link.
   
   
   

Editing Messages 

The options available for editing web messages are typical of a traditional inbox:
 

1. Reply/Reply to all - Click one of these options to send a response to the sender.
2. Delete - Click this option to remove the message.
3. Print - Click the Printable View button to access the print button.
4. Compose - To compose a new message, you will need to go to your Inbox, and click Compose.

Note: It is possible to send messages to only those in the original "To:" field or to those part of the secure domain.

Changing and Recovering Your Passphrase 

1. Login to your Web Email Protection account. This is done by opening your internet browser and going to the Web Email Protection site, such as https://keys.example.com.  It is always easiest to click the links that are sent to you.
2. Enter your email address and passphrase and click Login.
3. Click Settings.
4. Click Change Passphrase.
5. Enter in a new passphrase.
6. Confirm the new passphrase, and click Continue.
7. The passphrase is now changed and you may close the window or return to your Inbox.

If you have forgotten your passphrase, you may recover it as follows:

 

1. Open the Web Email Protection site, such as https://keys.example.com.
2. Click the I lost my passphrase link.
3. Enter your email address and click Send.
4. Check your email as a new email was sent automatically with a link to reset the passphrase.
5. Click the link provided in the email.
6. Enter a new passphrase.
7. Confirm the new passphrase, and click Continue.
8. Click Choose Option, or close the window.

Changing Future Mail Delivery Option 

Web Email Protection is the easiest option to exchange email, because you do not need to install software, or exchange keys.

If you are an advanced user, and wish to change the delivery option to use keys, or PDF Messenger (no secure inbox, but all email is sent to a secure PDF unlocked with your WEP passphrase), S/MIME do the following (not, these options may or may not be available as determined by the vendor who hosts your Web Email Protection solution:

 

1. Login to your Web Email Protection Account.
2. Click Settings.
3. Select the delivery option you wish to change to (see screenshot below for an example) and click Continue.
4. Import the public key or certificate file, and then click Continue.

Troubleshooting:

If you are not receiving the Web Email Protection email invitations or notifications, check the spam folder.  The emails typically come from "[email protected]" where "example.com" is the domain you are exchanging secure email with.  Some mail providers, such as Gmail may be filtering out "do-not-reply" messages thinking the emails may be spam so you may need to add this email to your safe list to have future emails show up in the inbox.

If you use security solutions that click the links for you, these may have disabled the links for Web Email Protection as some of these links are one-time use links.  See article 163934 for more information.  You may need to work with your secure vendor if this is an issue that you continue to see.