If emails are encrypted sensitive contents should be protected from access by a third person – and this is exactly what REDDCRYPT achieves through the consequent end-to-end encryption. This means that only the respective sender and recipient are able to read the email.
The data to be protected are often HR data, salary statements, monthly reports or contracts. Therefore access to this data is still required even if the employee no longer works for the company.
For this reason it is possible to create a Master Key. This enables authorized persons to decrypt emails of the company.
How to create the Master Key
The Master Key is part of REDDCRYPT Business. You can create a master key at
Settings -> My Organization -> Master Keys
with a click on the button “Create a new key”.
When you create the Master Key you will be asked for a password. Please note that we cannot recover this password and therefore keep this password in a safe place such as a password manager. However, if you forget the password, you can create a new Master Key (see below).
The creation of the Master Key is now completed.
To see if members are secured with the Master Key
The next time the members of your organisation log in to REDDCRYPT these accounts will be secured with the Master Key. In the overview of your members you can see which member has already been secured with the Master Key:
- If the key is green the account is secured with the master key.
- If the key is red the account is not secured with the master key.
- If the key is orange the account is secured with an archived master key.
Decrypt encrypted email with the Master Key
In order to decrypt an email you need the reddcrypt.securemail file. This file is always attached to the transport mails of REDDCRYPT. You can find these transport mails in the mailbox of your former employee or – if available – in your email archive (if you do not use archiving yet we recommend our email archiving REDDOXX MailDepot).
Another possibility is to reset the password of the former employee with the Master Keys and then log in to his account. The requirement for this is that you have access to the mailbox of the former employee. We have documented here how to reset passwords with the Master Key.
If you have the reddcrypt.securemail file open it at
Settings -> My Organization -> Master Keys -> Decrypt E-Mail
To be able to read the email you have to enter the password of the Master Key now.
If the password entered was correct the private key of the former employee is now automatically decrypted and the email becomes readable.
Create new Master Key and archive old one
As an administrator you can create a new Master Key at any time. The previous Master Key is automatically archived. This is necessary – for example – if you have forgotten the password of the previous Master Key. The process for creating the new Master Key is the same as the first one.
The newly created Master Key is now used to secure your employees with it. This will be done the next time the employees log in to REDDCRYPT (also applies if the users use the Outlook Plugin). All accounts which do not log in anymore remain protected with the old Master Key.
The previous master key remains as an archived key in case you remember the password again.