Email Security Suite

Products

Email Security Suite

Security add-in for popular email clients for certificate-based digital signing and encryption of mails with Windows, macOS, iOS, and Android support. Email Security Suite offers frictionless delivery of internal and external secure email communications with automation of certificate provisioning, management and escrow. Protection of your private key and allows you to achieve and maintain compliance. Extending S/MIME capabilities for secure large file transfer and complete mailbox encryption.

Why Enterprises Need S/MIME-Based Email Security

Email remains one of the most exploited attack vectors for data breaches, phishing, and business email compromise (BEC). Standard transport-layer encryption such as TLS only protects messages while they move between mail servers — once a message arrives in a mailbox, its contents and attachments sit in clear text and are exposed to insider threats, cloud account breaches, and unauthorized backup access. S/MIME (Secure/Multipurpose Internet Mail Extensions) closes that gap by applying end-to-end, certificate-based email signing and encryption to every message, so only the intended recipient — using their own private key — can decrypt and read it.
The Sixscape Email Security Suite is an enterprise email security software platform built on the globally recognized X.509 and S/MIME standards. It combines automated secure email certificate provisioning, SSL private key protection, and centralized policy management to deliver a complete, scalable secure email encryption service across Microsoft Outlook, Apple Mail, iOS, Android, and other widely deployed clients.

S/MIME Automation

Automatically, seamlessly and centrally deploy S/MIME certificates to popular mail clients in seconds for digitally signing and encrypting of mails at enterprise-scale

Retrospective Email Encryption

Retrospectively encrypt all your legacy clear-text emails, preventing unauthorized local/cloud mailbox access, and addressing compliance

Secure Large File Transfers

Large files securely shared using S/MIME certificates. No more shared-secrets or passwords needed for protecting encrypted data-at-rest and in-transit

Onsite Key Escrow

Onsite escrow of your employees’ private encryption keys and certificates mitigating  accidental loss or malicious removal, addressing data retention/compliance

Prospective Email Protection

Policy-driven encryption of all outgoing emails and incoming clear-text emails “on-the-fly”

Share Files To Multiple Recipients

Automated recipients’ certificate selection and in-built file compression for securely sharing of large files to any number of internal or external recipients

HSM Protected Keys

Multi FIPS140-2 HSM support with MofN access for secure storage of employees’ keys on-premises, allowing organizations to achieve and maintain compliance

Third Party Integrations

Integration to popular Email clients, Mobile Device Management solutions, Cloud-based file-sharing services, directory services delivering a 360° security posture

Enterprise Supply Chain Security

Ensure third-party identity assurance and integrity, and securely communicate with your supply chain using S/MIME certificate-based email

Frictionless deployment across all workstations, laptops and mobile devices with sharing of one private key and certificate and support for BYOD deployments and MDM support with zero impact on employees.

How the Email Security Suite Works

Deployment is engineered to be invisible to the end user. After integrating with your directory service (Active Directory, Azure AD, Google Workspace, or LDAP) and your chosen Certificate Authority, the Suite automatically issues a secure email certificate to each user, provisions the same certificate and private key to every authorized device, and escrows the encryption key on-premises in a FIPS 140-2 validated HSM. From that point forward, every outbound message is digitally signed and — based on administrator policy — automatically encrypted, while inbound clear-text mail can be re-encrypted on arrival. Legacy mailbox content can also be retrospectively encrypted, removing historical data-at-rest exposure without disrupting users or workflows.

Key Features

  • Secure digitally signed and encrypted S/MIME-based emails
  • Windows, MacOS, iOS and Android support
  • Directory service integrations with Active Directory, G Suite, Azure AD, LDAP and others
  • Private key protection, it never leaves your device with full automated secure key escrow and MofN support.
  • Same encryption private key and S/MIME certificate deployed across all end user devices
  • Integration with all Certificate Authorities and PKI software
  • Secure large file transfer using S/MIME
  • Retrospective encryption of legacy emails
  • External party email encryption, securing email with suppliers and business partners (securing your supply chain)
  • Mobile Device Management (MDM) support
  • Single S/MIME certificate for secure email, large file transfer and retrospective encryption
Value: For my business
  • Achieve and maintain industry and regulatory compliance across corporate communications, legal document retention and always-on access to encrypted mails
  • Protect corporate identity and assets with digitally signed and encrypted emails, large files and content
  • Improve administrative efficiency with centralised deployment, automated and enterprise-scale with policy-based management
  • Secure deployment and safeguard private keys and certificates on corporate desktop, mobile and BYOD devices
  • Enable MofN access to corporate encrypted emails of past employees to authorized person
  • Escrow and recovery of encryption key in case of malicious or accidental loss of encryption private key
  • Protecting employees’ (legacy and future) emails and large files in both local and in the cloud
Benefits: For my employees
  • Ensure personal identity on internal and external communications
  • Assurance on email sender integrity and authenticity for phishing and Business Email Compromise prevention
  • Secure encrypted transmission of sensitive email content and large files
  • Hands-off signing and encryption of emails transmission of sensitive email content
  • Sending, receiving, and reading of encrypted emails across multiple devices
  • Peace of mind on the integrity and secure storage of your private key and certificate

Industries and Compliance Use Cases

Organizations across regulated sectors rely on certificate-based email signing and encryption to meet strict data-protection mandates:

  • Financial services and banking — protecting client communications and transaction records in line with MAS TRM, PCI-DSS, and SOX expectations.
  • Healthcare and life sciences — safeguarding patient information and clinical correspondence under HIPAA and equivalent regional privacy frameworks.
  • Government and public sector — meeting national PKI standards for citizen-facing services and inter-agency communication.
  • Legal and professional services — preserving privilege, integrity, and chain-of-custody for case files, contracts, and large evidentiary attachments.
  • Manufacturing and supply chain — verifying third-party identity to prevent invoice fraud, supplier impersonation, and BEC attacks.

The Email Security Suite supports organizations working toward compliance with GDPR, HIPAA, PCI-DSS, ISO 27001, NIST SP 800-177 (Trustworthy Email), and emerging post-quantum cryptography (PQC) guidance from NIST.

“Sixscape Email Security Suite helped us secure our communications, protect our identities and securely deploy communications to personal devices” – IT Director, leading Singapore based university

Download data sheet

Frequently Asked Questions

What is the difference between TLS and S/MIME email encryption?

TLS only encrypts the connection between mail servers, leaving messages readable at rest. S/MIME encrypts the message body and attachments themselves, end to end, so only a recipient holding the correct private key can decrypt them.

Does the Email Security Suite work on mobile devices?

Yes. The same secure email certificate and private key are deployed to Windows, macOS, iOS, and Android, with full Mobile Device Management (MDM) and BYOD support.

How is the private key protected?

Private keys are generated and stored inside FIPS 140-2 validated HSMs with M-of-N access control. Keys never leave authorized devices in clear form, and onsite escrow ensures recoverability if an employee departs or a device is lost.

Can the Suite encrypt mail sent to external recipients?

Yes. Policy-driven prospective encryption secures outbound mail to suppliers and partners, and the platform can issue certificates to external parties to extend trusted communication across your supply chain.

Is the platform prepared for post-quantum threats?

The Suite is crypto-agile and is being aligned with NIST-ratified post-quantum algorithms, helping organizations defend against “harvest-now, decrypt-later” attacks on archived encrypted email.