Using XM SendSecure: Overview

Administrator -

This article introduces the main XM SendSecure concepts and features from the user point of view.

How Does XM SendSecure Work

Email vs. XM SendSecure

When you send an email, the written message and the attached files are always conveyed within the email, which is directly received by the recipient (but can also be intercepted on its way by a malicious third party).

With XM SendSecure, from the moment you send a secure message:
  1. A temporary SafeBox is automatically created, and the content you sent (written message and attached files) is securely uploaded and stored, encrypted, in this SafeBox.
  2. The recipient is invited by email to privately access the SafeBox through a reliable authentication process, in order to securely retrieve the content you sent.

From Content Exchange to Team Workflow

A SafeBox can be seen as a private and secure location intended to temporarily store the content exchanged between the sender and the recipients.

At some point (and depending on the SafeBox presets), the sender and the recipients may all become participants of a controlled team workflow, replying to each other within the same SafeBox in order to contribute to a continuous exchange on the same subject.

SafeBox Life Cycle

In all cases, the SafeBox is eventually closed (automatically or manually). After that, Participants can no longer contribute to the SafeBox, but may still be able to get its content for a certain period of time (depending on the Security Profile).

Typically, the SafeBox content is finally deleted – as the main purpose of a SafeBox is to temporarily enable the secure exchange of information (and not necessarily long-term storage).

As soon as the SafeBox is closed, an Audit Record – summarizing all the activity that occurred in the SafeBox during the contribution period – remains available for further reference.

SafeBox Security Profile

Each created SafeBox has several properties set through the selection of a Security Profile when composing the initial secure message. They include:
  • Participant properties – defining the rules and parameters about participants and their interactions (replies, privacy, special access, consent, alias, auto-added participants).
  • Life cycle properties – defining all rules from the creation of the SafeBox to the deletion of its content (closing, extension, retention, deletion).
  • Guest authentication properties – defining the way the XM SendSecure Guests will be able to access the SafeBox content (security code delivery methods and properties, count of allowed failed attempts, "remember me" option).
  • Secure Link properties – defining additional authentication options specific to the Secure Link context (email validation, captcha).
  • Content encryption properties – including advanced options for fine-tuning content encryption management (Encryption of attachments and messages, double encryption, key delivery).

These properties cannot be changed once the SafeBox is created.

Note: Security Profiles are defined by your account administrator. As such, you may be able to use one or more profiles (in Security Options) and you may be able (or not) to adjust some of their settings.

For more information about Security Profiles and their availability, contact your account administrator.

SafeBox Participants

Once the SafeBox is created, you and the recipients all become SafeBox Participants.
  • If the SafeBox was created by you (or on your behalf through a Secure Link), you are the SafeBox Owner, and you can monitor the SafeBox activity, add/retrieve content, manage the participants and control the SafeBox life cycle.
  • Among the other participants, the experience may be different depending on their consumer status or their role in the SafeBox:
    • By default, all participants will receive an invitation (typically by email) with a private link to access the SafeBox, in order to retrieve its content and optionally reply and add their own attachments.
    • Participants that do not have an XM SendSecure account in your Enterprise Account – considered as Guests – may first need to manually get a security code (delivered by email, SMS or voice call) to gain access to the SafeBox.
    • Participants from your Enterprise Account will gain access to the SafeBox through their usual XM SendSecure authentication process. If some of them were added as Privileged Participants, they will also have the same administrative rights as you on the SafeBox.
Tip: If you want to test XM SendSecure and see what the Guest experience looks like, simply create a SafeBox and add yourself as a recipient. In this specific scenario, you will be added twice to the SafeBox: as the Owner and as a Guest. These two participants will share the same email address but will access the SafeBox according to their respective roles.

Sending Files

As a user of the XM SendSecure Service, you have access to several means to compose a secure message in order to securely send your files through a SafeBox:
  • The XM SendSecure Web Application allows you to create SafeBoxes and manage your SafeBox list on your Cloud Portal using a Web browser.
  • The XM SendSecure Mobile App allows you to create SafeBoxes and manage your SafeBox list directly from your mobile device (iOS/Android).
    • To get the XM SendSecure Mobile App, see XM SendSecure Mobile App.
    • To use it, refer to the same article as for the Web Application.
  • XM SendSecure for Outlook allows you to seamlessly create SafeBoxes (and perform minimal SafeBox management) through your Microsoft Outlook environment.
  • A few XM SendSecure MFP connectors/apps are also available to securely send documents via XM SendSecure from certain types of Multi-Function Printers:
    • Toshiba e-Bridge Next (eBN)
    • Xerox ConnectKey
    To get these MFP connectors/apps, see Software & Tools / XM SendSecure Service. Each connector/app comes with its own documentation explaining how to install, configure and use it.
Note: Other custom/integrated application(s) may also have been especially designed for your corporate needs. In such a case, refer to your account administrator.

In all cases, a SafeBox will be created and you will be able to access and fully manage it as its Owner through your XM SendSecure Web or Mobile App.

Receiving Files

As a user having an XM SendSecure account, you can securely receive files in several different ways:

Requesting Files Through a SafeBox

If you are expecting to receive files securely from someone in particular, you can create a SafeBox for this person, with a simple message requesting the files. In that case, you need to ensure to select a Security Profile that will allow the participant to Reply.

Once your contact has replied with the expected files, you will be able to directly retrieve them from the SafeBox through your XM SendSecure Web or Mobile App.

Receiving Files From an XM SendSecure User

If the sender has an XM SendSecure account, he has typically the same options as you have to create a SafeBox and securely send you files.

In that case, the sender will be the Owner of the SafeBox, and you will be a Participant. If you were added as a Privileged Participant, you will have the same management rights as the Owner on the SafeBox and its Participants.
Note: The SafeBox will appear in your SafeBox List only if you are from the same Enterprise Account as the Owner. Otherwise, you will access the SafeBox as a Guest (i.e. with security code required and through a Web interface dedicated to XM SendSecure Guests).

Receiving Files From a Third Party (by Secure Link)

To securely receive files from trusted contacts, you may have the option to provide these contacts with a Secure Link, through which they will be able to create SafeBoxes on your behalf.

If someone sends you files through a Secure Link, you become the Owner of the created SafeBox. You can then further manage the SafeBox and retrieve the files directly through your XM SendSecure Web or Mobile App.

Note: For more information on this functionality and the available options, see your account administrator.

Managing SafeBoxes

All SafeBoxes you created and the ones in which you are intended to participate – except when you are a Guest – will appear in your SafeBox list, which is available from your XM SendSecure Web or Mobile App.

From there, you can browse the list in order to access their content and reply with new content. If you are the Owner or a Privileged Participant in a SafeBox, you can also monitor the SafeBox activity, manage participants and control the SafeBox life cycle.

Search and filtering tools are available to help you find the SafeBoxes and their content.

For more details, see Managing SafeBoxes in XM SendSecure Web or Mobile App.

Have more questions? Submit a request

Comments

Powered by Zendesk