SPX Encryption Improvements for Sophos Email Appliance
We are pleased to introduce expanded Secure PDF Exchange (SPX) functionality, including end user password management.
Improved Password Strength: In the SPX Expiry and Password Limits dialog box, you can now select Require special characters if you want to require recipients to include at least one special character in their passwords. A list of valid special characters is displayed to recipients in the SPX portal when they are setting a password. In addition, the default minimum password length has been increased from 6 to 8 for added security.
-
End user password options: You can now grant recipients the ability to reset and recover their own passwords. Prior to this release, forgotten passwords could not be recovered, and passwords could only be reset through the administrative interface. The ability to change passwords, which was available by default, can now be disabled.
In addition to the password check boxes, there is a drop-down list that is used to specify the number of challenge questions required for password reset/recovery. If you enable either Password reset or Password recovery, recipients will have to set at least one challenge question that must then be answered when resetting or recovering a password. These features are available whether you allow recipients to choose their own passwords or communicate passwords to recipients out-of-band. If passwords are issued through a custom web service, these features are unavailable (grayed out).
Message Styling for Recipient Instructions: The same features that are used to apply Sophos graphics or custom graphics to the SPX portal are now available on the Recipient Instructions page of the SPX Template wizard. Images selected here are displayed in instructional message that accompanies every SPX-encrypted message.
Login for Secure Reply: If you opt to enable secure reply, which allows recipients to respond securely to encrypted messages, you can require that recipients provide a username and password to access the secure reply section of the SPX portal. This provides added security in cases where recipients are accessing encrypted messages in less secure locations, such as public email kiosks.
Additional Template Details: The Template Name page of the wizard has two new text boxes. The first, Organization name, specifies the name that is displayed to recipients in end user communications. The second is System email address, which inserts a “from” address that recipients can use if they have problems with password management. This address is displayed to recipients in all system-delivered messages. Depending on your organizational policies, this can also be set to an address that rejects mail.
These new features further extend the capabilities of the Email Appliance.