This article introduces the main XM SendSecure concepts and features from the user point of view.
How Does XM SendSecure Work
Email vs. XM SendSecure
When you send an email, the written message and the attached files are always conveyed within the email, which is directly received by the recipient (but can also be intercepted on its way by a malicious third party).
- A temporary SafeBox is automatically created, and the content you sent (written message and attached files) is securely uploaded and stored, encrypted, in this SafeBox.
- The recipient is invited by email to privately access the SafeBox through a reliable authentication process, in order to securely retrieve the content you sent.
From Content Exchange to Team Workflow
A SafeBox can be seen as a private and secure location intended to temporarily store the content exchanged between the sender and the recipients.
At some point (and depending on the SafeBox presets), the sender and the recipients may all become participants of a controlled team workflow, replying to each other within the same SafeBox in order to contribute to a continuous exchange on the same subject.
SafeBox Life Cycle
In all cases, the SafeBox is eventually closed (automatically or manually). After that, Participants can no longer contribute to the SafeBox, but may still be able to get its content for a certain period of time (depending on the Security Profile).
Typically, the SafeBox content is finally deleted – as the main purpose of a SafeBox is to temporarily enable the secure exchange of information (and not necessarily long-term storage).
As soon as the SafeBox is closed, an Audit Record – summarizing all the activity that occurred in the SafeBox during the contribution period – remains available for further reference.
SafeBox Security Profile
- Participant properties – defining the rules and parameters about participants and their interactions (replies, privacy, special access, consent, alias, auto-added participants).
- Life cycle properties – defining all rules from the creation of the SafeBox to the deletion of its content (closing, extension, retention, deletion).
- Guest authentication properties – defining the way the XM SendSecure Guests will be able to access the SafeBox content (security code delivery methods and properties, count of allowed failed attempts, "remember me" option).
- Secure Link properties – defining additional authentication options specific to the Secure Link context (email validation, captcha).
- Content encryption properties – including advanced options for fine-tuning content encryption management (Encryption of attachments and messages, double encryption, key delivery).
These properties cannot be changed once the SafeBox is created.
For more information about Security Profiles and their availability, contact your account administrator.
- If the SafeBox was created by you (or on your behalf through a Secure Link), you are the SafeBox Owner, and you can monitor the SafeBox activity, add/retrieve content, manage the participants and control the SafeBox life cycle.
- Among the other
participants, the experience may be different depending on their consumer
status or their role in the SafeBox:
- All participants will typically receive an email invitation with a private link to access the SafeBox, in order to retrieve its content and optionally reply and add their own attachments.
- Participants that do not have an XM SendSecure account in your Enterprise Account – considered as Guests – may first need to manually get a security code (delivered by email, SMS or voice call) to gain access to the SafeBox.
- Participants from your Enterprise Account will gain access to the SafeBox through their usual XM SendSecure authentication process. If some of them were added as Privileged Participants, they will also have the same administrative rights as you on the SafeBox.
- The XM SendSecure Web Application – which allows you to create SafeBoxes and manage your SafeBox list in detail on your Cloud Portal.
- XM SendSecure for Outlook – which allows you to seamlessly create SafeBoxes (and perform minimal SafeBox management) through your Microsoft Outlook environment.
In all cases, a SafeBox will be created and you will be able to access and fully manage it as its Owner through your XM SendSecure Web Application.
As a user having an XM SendSecure account, you can securely receive files in several different ways:
Requesting Files Through a SafeBox
If you are expecting to receive files securely from someone in particular, you can create a SafeBox for this person, with a simple message requesting the files. In that case, you need to ensure to select a Security Profile that will allow the participant to Reply.
Once your contact has replied with the expected files, you will be able to directly retrieve them from the SafeBox through your XM SendSecure Web Application.
Receiving Files From an XM SendSecure User
If the sender has an XM SendSecure account, he has typically the same options as you have to create a SafeBox and securely send you files.
Receiving Files From a Third Party (by Secure Link)
To securely receive files from trusted contacts, you may have the option to provide these contacts with a Secure Link, through which they will be able to create SafeBoxes on your behalf.
If someone sends you files through a Secure Link, you become the Owner of the created SafeBox. You can then further manage the SafeBox and retrieve the files directly through your XM SendSecure Web Application.
All SafeBoxes you created and the ones in which you are intended to participate – except when you are a Guest – will appear in the SafeBox list available from your XM SendSecure Web Application.
From there, you can browse the list in order to access their content and reply with new content. If you are the Owner or a Privileged Participant in a SafeBox, you can also monitor the SafeBox activity, manage participants and control the SafeBox life cycle.
Search and filtering tools are available to help you find the SafeBoxes and their content.
For more details, see Managing SafeBoxes in XM SendSecure Web Application.