Email messages are sent in plain text. It is possible for anyone with access to our network with packet sniffing software to read your email messages as they are being sent in plain text. This is why we recommend that you use secure email communications when sharing sensitive data via email. Encrypting your email messages protects the privacy of the message by converting it from plain, readable text into cipher (scrambled) text. Only the recipient will be able to decipher the email message.

You should use secure mail whenever you send a message that contains:
- Individually identifiable personal information
- Legal communication
- Financial communication (credit card or bank account numbers…)
- SSN (but we prefer you do not send these in email at all)
- Medical or Educational records (grades used in context with personally identifiable information such as name, address, Student ID …)
- if in doubt use secure email..

**************************************************************

The process of sharing encrypted email requires the sender AND recipient to acquire a Certificate. An issued certificate will contain a private and a public key. Then the sender and recipient must share their public keys (which is part of their digital signature). These keys will be stored in the CONTACTS folder in Outlook. A certificate will only need to be requested (step 1&2) ONE time. You will need to share your key (step 3) with EACH co-worker that you will send/receive encrypted email . You must send them your key- they must send you theirs.

1 – Request a Certificate
   a. Open your web browser and go to the following page:
http:// certsrv.usi.edu/certsrv
   b.Choose Request a certificate
   c.Choose E-mail protection certificate
   d.You may need to click on a yellow bar near the top of the screen that says “this website wants to run the following add-on”
   e.Choose Run Add in, and then RUN
   f.Fill in the boxes with your name, email address and other info – click SUBMIT
   g.Answer YES to “do you want…”
   h.If window says “install this certificate – jump to step L, else wait for your certificate to be approved. It usually takes a few minutes.
   i.Revisit the page http://certsrv.usi.edu/certsrv - (with the SAME browser used before)
   j.Click View the status of a pending Certificate request
   k.Select Email Certificate
   l.Click INSTALL this Certificate
   m.Answer YES to “Do you want this program to add the certificates now”
   n.Answer YES to “Do you want to install certificate” warning

2. Install your certificate into Outlook
a. Start Outlook
b. click Tools
c. Click Trust Center
d. Click Email Security
e. Click SETTINGS, and then choose (My S/MIME settings your email address) and click OK, OK

3. Share your Key with your co-worker.
a. Start a new Outlook Message
b. Address the message to your co-worker
c. Refer to the Image below. Click on the little square next to OPTIONS in the toolbar/ribbon.
d. Click SECURITY SETTINGS in new widow.
e. Check “Add digital signature to this message”, click OK, and Close.
f. Type a quick message to the recipient letting them know you are sending them your Digital Signature.
g. Send message.

4. How to receive co-workers key/digital signature.
a. Open the message from your co-worker with his/her Digital signature
b. Right click the Sender’s name (FROM NAME) and choose ADD TO OUTLOOK CONTACTS.
c. Click SAVE and CLOSE (top left)

5. Send an Encrypted Message.
FYI: Once BOTH co-workers have shared their digital signatures – they are able to send encrypted messages.
They will never have to repeat the steps (1-4) above again (for encrypted email between the two of them).
a. Start a new message, enter co-worker email address, and subject
b. Click the little square next to OPTIONS in the ribbon (see image above)
c. Choose SECURITY SETTINGS
d. Check, Encrypt message and attachments, OK, Close
e. Type a message and Send

Since you have shared your key with the recipient they should receive this email and open it as a normal message.

What have you accomplished? If someone were “sniffing” the wire as this message was being passed, they would not see plain readable text – it would appear as garbled text.

Questions or corrections to this page? Call Carol Schmitt x1987 or the Help Desk x1080