Recently, BIDMC and Atrius Health began a collaboration that required clinical data sharing and secure email.
I've described the clinical data sharing in a previous blog. Here's the approach we've used to secure email - SMTP over Transport Layer Security (TLS), which ensures all email is encrypted as it travels over the internet.
Configuring TLS varies with the gateway that you are using. We use Proofpoint Protection server as our primary MX servers. Proofpoint makes it very simple to enforce TLS between sites. There is a configuration option that allows you to specify what domains you want to enforce TLS with. (as a default we have opportunistic TLS turned on for every site). You simply add the domain you want to enforce and specify always use TLS.
The advantage of this approach is that it does not require any client side certificates or complex server side certificate management. No special software is needed at the desktop and the encryption is invisible to the user.
Secure email that is as easy as a setting on a gateway - that's cool.
No comments:
Post a Comment