Protecting Data In Motion

Email & data movement

Email and data movement have become a prevalent media for business communications, and their popularity continues to grow. Every day, sensitive information is shared with business partners and customers via email and other transfer methods.

Although email is critical to the rapid pace of business today, the general lack of message security is a source of concern, both for regulators and business executives. Regulations such as Sarbanes-Oxley and HIPAAQ require that email messages containing sensitive or confidential data must be handled securely. Additionally, executive correspondence and exchanges concerning personnel, legal and other confidential matters must be protected from unauthorized viewing.

The more that businesses rely on email and moving their data outside of their secure environments, the more critical it becomes to protect confidential email messages from unauthorized eyes. Our encryption solution combines robust encryption with ease of use to ensure that vital business information is properly secured, yet continues to flow freely between senders and recipients.


Secure Email

Around the world, a trend towards more stringent industry regulations and stricter compliance standards is becoming apparent. This sets tougher requirements for email security of businesses and organizations of any size and in any industry. Infringing on regulations such as HIPAA, SOX, DPD and Basel III or losing valuable company information can have serious consequences: financial penalties, economic damage and loss of trust on both the partner and customer side among them.

Email communication is particularly vulnerable to data loss since the SMTP protocol does not include any protective mechanisms. Whoever wants to intercept data traffic can do so with a minimum of effort. As a matter of fact, most breaches of guidelines can be traced back to lacking email security. However, these shortcomings do not override the importance of email usage in business communication.

Message confidentiality, integrity and authenticity thus need to be ensured with additional measures. Hence using a reliable secure messaging solution that protects sensitive information even on the move is becoming increasingly important for most companies. The FIPS 140-2-validated totemomail® Encryption Gateway is optimized for mobile devices and helps to strictly observe security guidelines as well as monitor them comprehensively for internal and external audits.

totemomail® Encryption Gateway protects your email communication with customers and business partners whereas totemomail® Internal Encryption secures your internal email traffic. In combination, they become the innovative and potent hybrid encryption solution totemomail® Hybrid Encryption.

Secure Internal Email Communication with totemomail® Internal Encryption

Download brochure
totemomail® Internal Encryption is an innovative FIPS 140-2-validated module that protects sensitive emails within an organization's network all the way from sender to recipient. It is able to encrypt messages not only on workstations, but also on laptops and mobile devices based on iOS and Android.

Accordingly, companies protecting their emails with totemomail®

totemomail® Internal Encryption can be run in combination with the totemomail® Encryption Gateway or as a stand-alone product.

Traditional gateways encrypt and decrypt emails between the gateway and the external recipient. But within the company network, confidential messages remain unprotected and fully readable for unauthorized third parties.

With a conventional solution, this issue can only be addressed through end-to-end encryption. However, this calls for extra software components, proprietary email protocols or encrypted connections. Thus the company loses control over its email security: central spam and virus filtering or content scanning can no longer be ensured.

Internal Encryption solves these gateway concept issues while preserving the advantages of a server-based approach. For it is able to automatically collect and manage keys and certificates. Moreover, the company security policies are centrally defined and applied to the messages. Internal and external communication partners can thus comfortably exchange secure emails without thinking twice.

+Internal Sender - Internal Recipient
When communicating with an internal partner, the message is encrypted via S/MIME directly in the sender's email client and delivered to the recipient by the company email server. The recipient's email client decrypts the email and thus makes it readable again. In this case, there is no need for central data flow control since the email never leaves the company network.

+Internal Sender - External Recipient
Communication with external partners remains secure due to de facto end-to-end encryption between the device and the gateway. At the gateway, the message encrypted directly in the sender's email client is decrypted and undergoes the company's usual security checks. This protects the encrypted emails not only against external attacks, but also against curious co-workers and administrators. Before transmission, the gateway converts the confidential email into the recipient's preferred encryption technology (e.g. totemomail® WebMail, totemomail® PushedPDF, OpenPGP or back to S/MIME).

+External Sender - Internal Recipient
Emails sent by external partners – whether encrypted or not – are also processed according to the company's predefined security guidelines. After inspection at the gateway, they are encrypted with S/MIME and delivered to the recipient.

The optional module totemomail® Internal Encryption for the totemomail® Encryption Gateway protects the entire email communication with internal and external partners and supports all kinds of mobile devices.

+Internal Encryption on Desktops
totemomail® Internal Encryption is able to independently generate certificates for business partners and customers. Thus messages can be directly encrypted in every email client, which keeps email communication secure with any given internal or external partner. Moreover, the need to integrate third-party products is eliminated. This substantially simplifies solution installation, operation and support.

+Internal Encryption on Mobile Devices
totemomail® Internal Encryption adds certificate management functionalities to the Exchange ActiveSync protocol. This enhancement sustainably facilitates the implementation of BYOD strategies. Combined with totemomail®'s automatic certificate distribution, this provides a comprehensive solution for email encryption on smartphones and tablets.

iPhones and iPads as well as Android-based devices are thus able to send and process both internally and externally encrypted messages. Users will go on working with their device's standard email client. No extra software component nor apps need to be installed.

+Internal Encryption with BlackBerry® Devices
In combination with the S/MIME Support Package (SSP) by BlackBerry®, totemomail® Internal Encryption is able to encrypt all communication between the email client and the BlackBerry®. Device integration works rapidly and in analogy to the integration of an internal email client.

Thus SSP and the user's private key need to be stored on the device. Once these requirements are fulfilled, the BlackBerry® can send and receive encrypted messages by any given internal and external communication partner.

totemomail® Internal Encryption offers various advantages for your business. Message encryption and decryption occurs directly within the device's native email client. No additional software nor plug-ins need to be installed. At the same time, the company security guidelines are automatically and centrally applied. Thus there is no need for end user training.

As a result, the administrator's work load is reduced, which again increases efficiency and minimizes maintenance costs. In the end, this obviously benefits the business as a whole.

+Organization Benefits

  • Exchange of encrypted emails with internal communication partners, business partners and customers even without an encryption technology of their own
  • Security and efficiency due to high level of automation
  • Centralized encryption and decryption as well as application of security policies and compliance standards
  • Investment protection and strategic freedom through numerous interfaces with third-party systems

Security checks such as virus control, content scanning, anti-spam protection etc. remain ensured

+Administration Benefits

  • Easy integration into existing IT infrastructure
  • No installation of specific email clients or plugins necessary neither for co-workers nor external communication partners
  • Graphic interface for administration console
  • Granular user-role definition
  • No user training necessary due to transparent handling

Automatic generation and management of personal certificates

+User Benefits

  • Secure and flexible communication with internal and external partners
  • Work processes and software remain unaffected by implementation
  • Consistent observance of security guidelines and compliance standards
totemomail® Internal Encryption is available as a software, as a virtual appliance or as a hardware appliance. The appliances are particularly suited for organizations not wanting to run their own servers. They come with a specially hardened Linux operating system. All necessary updates are made available by totemo online. They can be installed with a single click.

+Virtual Appliance
Compared with the hardware appliance, its virtual counterpart can be put into service more quickly and reduces power consumption. It is available in various configurations and offers flexibility and scalability for organizations of any size.

totemo is a VMware Technology Alliance Partner. Therefore the virtual appliance runs on any standard desktop or server system using VMware virtualization products. For the productive use use of the totemomail® Encryption Gateway, VMware infrastructure (VMware EXS 3.0 or higher) or a VMware server is recommended.

Identification VA TMS VA TML
CPU 1 1
RAM 1 GB 2 GB
Storage 230 GB 250 GB

 

+Hardware Appliance
The hardware appliances are available in various configurations. This allows any organization to find the system best suited for their needs.

Identification MR 3110 MR 7110
User max. 500 over 500
CPU 1x Intel Core 2 Duo 2x Intel Xeon Quad Core
RAM 1x 2GB 2x 2GB
Storage 1x 3.5" 500GB HDD 2x 3.5" 500GVB HDD (RAID 1)

+Software
The software is available for Windows, Linux and Unix platforms.

totemomail® Internal Encryption can be used in combination with the totemomail® Encryption Gateway as a high-performing and innovative hybrid encryption solution. It is based on the de facto end-to-end encryption of confidential emails.

The module also runs independently from the totemomail® Encryption Gateway as a stand-alone product to secure all internal emails. Secure communication with external partners is also possible directly out of the email client – without additional software or plugins – using pro-forma certificates.

Secure Email Communication with Customers and Partners with the totemomail® Encryption Gateway

Download brochure
Totemo TrustMail® Secure Messaging Gateway
The totemomail® Encryption Gateway pursues a consistent all-in-one-box approach regarding encryption and protects confidential email communication with any given external and internal partners. Encrypted transmission of all emails including delivery confirmation, sender identification, guaranteed message integrity as well as message non-repudiation are the automatized core functionalities of the solution.

Moreover, it is flexibly scalable and capable of multi-tenancy. If operated in a clustered environment, all settings can be configured on a single system. Optionally combined with the module totemomail® Internal Encryption – which is also available as a stand-alone product -, the totemomail® Encryption Gateway becomes the high-performing and innovative hybrid solution totemomail® Hybrid Encryption.

It is completely transparent, requires neither additional software nor plugins for email clients and is therefore easily and quickly integrated into any existing environment. The sender and the recipient do not need to adapt their work processes since the company security guidelines are centrally defined and applied. Furthermore, the solution is fully compatible with a number of third-party systems.

The totemomail® Encryption Gateway reduces operation costs, administrative load and inadvertent mistakes to an absolute minimum through its high level of automation. All electronic messages are centrally encrypted and decrypted and company security guidelines are automatically applied to the emails. Even the enrollment of both external and internal users takes place automatically.

Before delivering an email to an external recipient, the totemomail® Encryption Gateway checks his credentials. If he is already enrolled, the message is encrypted with the corresponding public key or signed with the matching digital certificate. In case the recipient does not use an encryption technology of his own, the totemomail® Encryption offers secure alternative delivery methods.

The original message is retained and remains encrypted until the user is authenticated. Thus the solution ensures that sensitive information does not leave the company network unprotected.

The totemomail®  Encryption Gateway can be customized to meet the needs of any organization. For it is flexible, easy to integrate with the existing IT infrastructure and scalable as required.

+Automatized Certificate and Key Management
The totemomail® Encryption Gateway's core function is its automatized certificate and key management. Via the graphic interface of the administration console, the company certificate policies can be easily and comprehensively configured.

Amongst other things, settings for trustworthy certificate authorities (CA), the online validation of certificates, the required attributes for certificate and key checks as well as the validity period of certificates generated by the totemomail®

By means of the automatic user enrollment feature, it independently collects and encrypts the certificates and keys already available, then saves them within the key store. The totemomail®

Alternatively, the totemomail® Encryption Gateway can be connected to an external PKI solution or CA (e.g. S-Trust, Swisscom, SwissSign, QuoVadis, SignTrust etc.) via one of the numerous integrated standard interfaces.

+Automatized User Enrollment
The totemomail® Encryption Gateway independently identifies internal and external users and enrolls them without any manual intervention by the sender or an administrator. Thus the administrative load is kept as low as possible.

For first-time recipients, the totemomail® Encryption Gateway retains the original message until they are successfully authenticated. Then they receive their email either digitally signed with the matching key, via totemomail® WebMail or as a totemomail® PushedPDF.

+Defining Security Policies
The company security policies as well as the corresponding email workflows are defined in the administration console. It allows a virtually infinite combination of complex rules as well as their automatized application such as the encryption of any message sent to a specific domain. Along with the integrated group management, even functional mailboxes, escalation procedures etc. can be easily configured and applied.

+Admnistration via Graphic User Interface
The totemomail® Encryption Gateway offers a web-based administration console with a graphic user interface, a dashboard and a message tracking centre. No programming skills are required to define the security guidelines for email workflows. The administration of the whole solution can be shared between several employees.

+Comprehensive Automatized Reporting
The totemomail® Encryption Gateway offers comprehensive reporting capabilities. The required reports are automatically generated and delivered to the defined recipients in scheduled intervals. The reporting settings can be comfortably configured and managed in the administration console.

+Enhanced Observance of Compliance StandardsFor internal and external audits and reviews, complete and easily searchable records of all compliance-related actions are needed. The totemomail® Encryption Gateway caters to that need with auditable log files, a read-only role for audit users and enhanced tracking functionalities.

The totemomail® Encryption Gateway offers various advantages for your business.  The company security guidelines are automatically implemented and applied. Thus the end users need no training. As a result, the administrator's workload is reduced, which again increases efficiency and minimizes maintenance costs. In the end, this obviously benefits the business as a whole.

+Organization Benefits

  • Flexible and secure email communication with external partners with or without an encryption technology of their own
  • Security and cost-efficiency due to high level of automation
  • Central encryption and decryption as well as application of security policies and compliance standards
  • Investment protection and strategic freedom through numerous interfaces with third-party systems
  • Optional: Internal encryption with S/MIME

+Administration Benefits

  • Easy integration into existing IT infrastructure
  • No installation of specific email clients or plugins necessary neither for employees nor business partners nor customers
  • Graphic user interface for administration console
  • Granular user role definition

No user training necessary due to transparent handling

+User Benefits

  • Easy and secure communication with internal and external partners
  • Work processes and software remain unaffected by implementation

Consistent observance of security guidelines and compliance standards

The totemomail® Encryption Gateway is available as a software, as a virtual appliance or as a hardware appliance. The appliances are particularly suited for organizations not wanting to run their own servers. They come with a specially hardened Linux operating system. All necessary updates are made available by totemo online. They can be installed with a single click.

+Virtual Appliance
Compared with the hardware appliance, its virtual counterpart can be put into service more quickly and reduces power consumption. It is available in various configurations and offers flexibility and scalability for organizations of any size.

totemo is a VMware Technology Alliance Partner. Therefore the virtual appliance runs on any standard desktop or server system using VMware virtualization products. For the productive use use of the totemomail® Encryption Gateway, VMware infrastructure (VMware EXS 3.0 or higher) or a VMware server is recommended.

Identification VA TMS VA TML
CPU 1 1
RAM 1 GB 2 GB
Storage 230 GB 250 GB

+Hardware Appliance
The hardware appliances are available in various configurations. This allows any organization to find the system best suited for their needs.

Identification MR 3110 MR 7110
User max. 500 over 500
CPU 1x Intel Core 2 Duo 2x Intel Xeon Quad Core
RAM 1x 2GB 2x 2GB
Storage 1x 3.5" 500GB HDD 2x 3.5" 500GVB HDD (RAID 1)

 

 

+Software

The software is available for Windows, Linux and Unix platforms.

The totemomail® Encryption Gateway communicates directly with all current email clients. Thus neither internal users nor external communication partners need to install additional components.
Secure Internal Email Communication from Sender to Recipient with totemomail® Hybrid Encryption

Download brochure
Guess who is the biggest threat to your business's data security: It's your staff. They have access to all kinds of sensitive information. However, they do not always have the necessary tools or know-how to securely exchange these with colleagues or external communication partners. But high-quality data is a crucial factor for company success. It therefore needs to be consistently protected against unauthorized access.

Extensive staff training regarding the correct handling of sensitive data is expensive and time-consuming. Implementing complex procedures to secure confidential information is a drag on productivity. Despite these measures, it remains impossible to rule out inadvertent mistakes or errors of reasoning. Moreover, the relevant laws and regulations are constantly revised. That is why an easy-to-handle technical solution that does not require additional software nor affect employee routines is your best bet to protect sensitive data. In this manner, internal security guidelines and legally prescribed compliance standards can be centrally defined, applied and logged.

A hybrid encryption solution secures the transmission of confidential emails all the way from sender to internal or external recipient. For sensitive information can fall into the wrong hands within the company network as well as through communication with customers and business partners. To prevent this, we developed the FIPS 140-2-validated, high-performing and innovative comprehensive solution totemomail® Hybrid Encryption. It seamlessly integrates into any existing IT infrastructure and consists of the totemomail® Encryption Gateway and the module totemomail® Internal Encryption, which is also available as a stand-alone product. Secure communication with partners wo do not use an encryption technology of their own remains possible thanks to the modules totemomail® WebMail and totemomail® PushedPDF, which are integrated into the gateway.

totemomail® Internal Encryption reduces operation costs, administrative load and inadvertent mistakes to an absolute minimum through its high level of automation. All electronic messages are centrally encrypted and decrypted and company security guidelines are automatically applied to the emails. Even the enrollment of both external and internal users takes place automatically.

When communicating with an internal partner, the message is encrypted directly in the sender's email client and delivered to the recipient by the company email server. The recipient's email client decrypts the email and thus makes it readable again. In this case, there is no need for central data flow control since the email never leaves the company network.

Messages to external partners are decrypted at the gateway and undergo the company's usual security checks. Therafter, they are re-encrypted and delivered according to the recipient's preferences.

Emails sent by external partners – whether encrypted or not – are also processed according to the company's predefined security guidelines. After inspection at the gateway, they are internally encrypted and delivered to the recipient.

 totemomail® Hybrid Encryption can accommodate the needs of any organization because it is flexible, scalable as required and seamlessly integrates into any existing IT infrastructure.

The solution is compatible with a variety of third-party systems and offers all automatized core functionalities of the gateway: e.g. encrypted transmission of confidential emails to external recipients including delivery confirmation, sender identification, guaranteed message integrity as well as message non-repudiation. Confidential messages to internal recipients are encrypted directly within the sender's native email client. No additional software nor plugins are needed. totemomail® Hybrid Encryption also works on laptops, tablets and smartphones based on iOS, Android and BlackBerry®.  

+Automatized Certificate and Key Management
totemomail® Hybrid Encryption's core function is its automatized certificate and key management. Through automatized user enrollment, the solution independently collects the existing certificates and keys and and saves them encrypted in the key store. Amongst other parameters, settings for certificate and key checks, validation and validity period can be defined.

+Automatized User Enrollment
totemomail® Hybrid Encryption independently identifies internal and external users and enrolls them without any manual intervention by the sender or the administrator. For first-time recipients, the solution retains the original message until they are successfully authenticated.

+Defining Security Policies
The company security policies as well as the corresponding email workflows are defined in the administration console. The console allows a virtually infinite combination of complex rules as well as their automatized application such as the encryption of any message sent to a specific domain.

+Administration via Graphic User Interface
totemomail® Hybrid Encryption offers a web-based administration console with a graphic user interface, a dashboard and a message tracking center. No programming skills are required to define the security guidelines for email workflows. The administration of the whole solution can be shared between several employees.

+Comprehensive Automatized Reporting
totemomail® Hybrid Encryption offers comprehensive reporting capabilities. The required reports are delivered in scheduled intervals to the defined recipients. The reporting settings can be comfortably configured and managed in the administration console.

+Enhanced Observance of Compliance Standards

For internal and external audits, complete and easily searchable records of all compliance-related actions are needed. totemomail® Hybrid Encryption caters to that need by providing auditable log files, a read-only role for audit users and enhanced tracking functionalities.

totemomail® Hybrid Encryption offers various advantages for your business. The company security guidelines are centrally and automatically applied. Thus there is no need for end user training. As a result, the administrator's work load is reduced, which again increases efficiency and minimizes maintenance costs. In the end, this obviously benefits your business as a whole.

+Organization Benefits

  • Flexible and secure email communication with external partners with or without an encryption technology of their own
  • Security and cost-efficiency due to high level of automation
  • Central encryption and decryption as well as application of security policies and compliance standards
  • Investment protection and strategic freedom through numerous interfaces with third-party systems
  • Internal encryption with S/MIME
  • Security checks such as virus control, content scanning, anti-spam protection etc. remain ensured

+Administration Benefits

  • Easy integration into existing IT infrastructure
  • No installation of specific email clients or plugins necessary neither for co-workers nor external communication partners
  • Automatic generation and management of personal certificates
  • Graphic user interface for administration console
  • Granular user role definition
  • No user training necessary due to transparent handling

+User Benefits

  • Secure and flexible communication with internal and external partners
  • Work processes and software remain unaffected by implementation
  • Consistent observance of security guidelines and compliance standards
totemomail® Hybrid Encryption is available as a software, as a virtual appliance or as a hardware appliance. The appliances are particularly suited for organizations not wanting to run their own servers. They come with a specially hardened Linux operating system. All necessary updates are made available by totemo online. They can be installed with a single click.

+Virtual Appliance
Compared with the hardware appliance, its virtual counterpart can be put into service more quickly and reduces power consumption. It is available in various configurations and offers flexibility and scalability for organizations of any size.

totemo is a VMware Technology Alliance Partner. Therefore the virtual appliance runs on any standard desktop or server system using VMware virtualization products. For the productive use use of the totemomail® Encryption Gateway, VMware infrastructure (VMware EXS 3.0 or higher) or a VMware server is recommended.

Identification VA TMS VA TML
CPU 1 1
RAM 1 GB 2 GB
Storage 250 GB 250 GB

 

+Hardware Appliance
The hardware appliances are available in various configurations. This allows any organization to find the system best suited for their needs.

Identification MR 3110 MR 7110
User max. 500 over 500
CPU 1x Intel Core 2 Duo 2x Intel Xeon Quad Core
RAM 1x 2GB 2x 2GB
Storage 1x 3.5" 500GB HDD 2x 3.5" 500GVB HDD (RAID 1)

 

+Software
The software is available for Windows, Linux and Unix platforms.

The totemomail® Hybrid Encryption solution consists of the totemomail® Encryption Gateway and the module totemomail® Internal Encryption. It ensures the de facto end-to-end encryption of all confidential messages.

The hybrid solution communicates directly with all current email clients. Thus neither your employees nor your customers and business partners need to install additional

The high-performing and innovative hybrid encryption solution totemomail® Hybrid Encryption consists of totemomail® Encryption Gateway and the module totemomail® Internal Encryption, which is responsible for securing all internal email communication.

In order for you to communicate securely with business partners and customers who do not use an encryption technology of their own, the modules totemomail® WebMail and totemomail® PushedPDF are integrated into the gateway. On receiving his first message via totemomail® Hybrid Encryption, the external recipient chooses pull or push technology to process it. For recipients preferring the first option, totemomail® WebMail is the best solution. If they prefer the latter, however, totemomail® PushedPDF is ideal.

+Pull Technology: totemomail® WebMail
totemomail® WebMail renders secure electronic communication possible even with business partners and customers who do not use an encryption technology of their own. Thus an external recipient only needs a web browser to read and process encrypted emails. Compared with other alternative encryption methods, totemomail® WebMail offers the most advantages for organizations preferring push technology.

The Java 7-based web service's graphic interface as well as its menu navigation correspond to the visual appearance of Gmail or GMX and can easily be adapted to the company's corporate design. They are also optimized for use with smartphones and tablets. This makes secure communication with customers and business partners independent of place and device and ensures maximum user convenience. With totemomail® Hybrid Encryption, companies are therefore thoroughly prepared for BYOD strategies – whether their own or their business partners'.

Click on the Product Overview for totemomail® WebMail to learn more.

+Push Technology: totemomail® PushedPDF
To date, S/MIME and OpenPGP are the most common encryption technologies. However, they are based on the use of certificates and keys. Although any current email client supports S/MIME encryption, relevant know-how or plugins are required to use it productively. That is why totemomail® Hybrid Encryption offers alternative email delivery channels such as totemomail® WebMail or totemomail® PushedPDF that are both user-friendly and secure.

With both encryption methods, any given communication partner can be comfortably and effortlessly reached – even if he does not have a totemomail® Hybrid Encryption installation of his own. totemomail® PushedPDF is the best bet for companies preferring a push solution.

Strong encryption capabilities protect messages from phishing and brute force attacks. Moreover, Business Class email warrants complete control of the totemomail® PushedPDF messages even after delivery. Multi-factor authentication combined with a secure reply possibility offers maximum security for communication with partners outside the company network.

Click on the Product Overview for totemomail® PushedPDF to learn more.


Secure Managed
File Transfer

Business processes are driven by data. However, if this data gets into the wrong hands, this can cause great financial damage – not to speak of the suffering company image. Still data is exchanged freely and totally unsecured in most company networks. For neither the IP protocol nor the FTP servers that are popular for the exchange of large files meet current security standards. Moreover, email attachments tend to get bigger and bigger – which is another insecure way to exchange company data.

There is, however, an important question that needs to be answered: Who can guarantee the origin, authenticity, confidentiality, and integrity of the data? Data streams are data streams: conventional IP architectures lack a checkpoint that guarantees the secure flow of data. In other words: as the checkpoint does not exist on the network layer, it must be implemented on the application layer. The reason why this has hardly been done so far is related to the complexity of possible solutions. Nevertheless, the need for controlled data transfers is on the rise, as these are mission-critical for many enterprises and industries.

totemodata® is an easy-to-use solution for secure managed file transfer that guarantees data confidentiality, integrity, originality as well as origin in any scenario for organizations in any industry. All data movements between internal and external communication partners, between different systems within the company network as well as communication processes in business networks and processes are monitored and logged. This makes them completely transparent, which in turn enhances compliance with current regulations such as SOX, HIPAA, PCI and privacy legislation. With totemodata®, any organization is ready for audits and reviews.

totemodata® is platform-independent, supports all established data exchange protocols and seamlessly integrates into any existing IT infrastructure. The product offers complete security by encrypting both data and transfer protocols, sources out large email attachments on secure servers and is fully cloud-compatible. Its scalability makes totemodata® the ideal solution for companies and organizations of any size.

Administrators need neither programming skills nor insight into the communication protocols. The workflows and applications can be easily defined with the help of the graphic user interface of the administration console. Thus totemodata® offers a highly automated environment for secure managed file transfer that covers: Human to Human, Human to System and System to System components.

totemodata® makes secure spontaneous file transfer from human to human possible via email integration or the web-based virtual file system. As an alternative, totemo offers the intuitive desk-top or web app totemodata® SendIt for secure ad hoc data exchange. It is as easy to use as a standard email client and does not require additional software nor plugins on either communication side.
There are many ways to exchange data. But only few of them are secure. Sensitive information, however, needs to be protected and its movements need to be traceable at all times. Only that way, data exchange can meet company security guidelines and compliance standards.

In most organizations, growing employee mobility raises the requirements for securing sensitive data. The users therefore need a comfortable solution for secure file transfer that works on laptops, smartphones and tablets. At the same time, the data should not be saved on external servers that may even be abroad.

totemodata® SendIt makes secure spontaneous file transfer as easy as sending or receiving an email. Its graphic interface is so intuitive that there is no need for user training. With Drag and Drop for contacts, message content and files and automatic data compression, users can comfortably exchange files and file packages of any volume. As a plus, the data exchange remains transparent at all times due to optional authentication, read and download notifications. totemodata® SendIt works on the basis of totemodata® and is available as a web app or as an app for Windows, Mac OSX and Linux.

With totemodata®, secure spontaneous file transfer from human to human is also possible without an app via email integration or the web-based virtual data system.

totemodata® SendIt simplifies the secure exchange of sensitive data from human to human. With this app, communication with team members on different sites, colleagues working on-the-go and external partners permanently takes place in a controlled environment. Its intuitive interface increases the chance of people actually using it and thereby observing company security guidelines.
The sender drags the desired contacts and files of any volume onto the application. On typing his message into the text field, he optionally selects authentication, read and download notifications by ticking the respective boxes. The sender can also choose to receive a blind copy to retrace the exchange in his email client. The attached files are then automatically compressed. A click on ‘Send’ delivers the files using totemodata®.

The recipient gets an email with an attachment containing a link. Clicking this link will lead him to the sent files as well as the accompanying message. Any first-time user will find a password in the same email. It is necessary to download the files and needs to be changed immediately. The recipient can directly reply to the sender using the app.

totemodata® SendIt makes the secure exchange of confidential information between communication partnerns easy. Communication with colleagues in different locations or on-the-go takes place in a controlled environment. Its intuitive user interface increases the probability of people actually using secure communication paths and complying with security guidelines.

+Organization Benefits

  • Great user experience improves observation of security guidelines and compliance standards by employees and external partners
  • Data is not stored on external servers, but remains within the company network until it is downloaded

+Administration Benefits

  • App is easy to install (for web app users and recipients only, no installation necessary at all)
  • No user training necessary due to intuitive graphic interface
  • Every data exchange is recorded and controlled by totemodata®


+User Benefits

  • Easy and comfortable to use
  • Improved control over file exchange status (receipt, read notification etc.)
  • No full inbox due to big data volume
  • All sent data is stored in a single place (for senders and recipients)
  • Works on every device including tablets and smartphones
totemodata® SendIt relies on totemodata® technology and thus supports all data protocol standards (HTTPS, FTPS, SFTP, SCP, SMTP).
Files and folders in the virtual data system can be made available to as many colleagues and external partners as necessary. This considerably enhances collaboration on projects. For all users with access rights are notified when another user uploads a new file to a folder.
The totemodata® human-to-system file transfer functionality makes productive collaboration with colleagues and external partners easy. Files and folders in the virtual data system can be made available to as many users as necessary.

This considerably enhances keeping every employee concerned in the loop and the tracking of project progress. For all users with access rights are notified when another user uploads a new file to a folder.

totemodata® enables easy provision and reliable synchronization of data over a web-based interface that is intuitive to use as Dropbox. However, in opposition to that service provider, totemodata® secures the information stored in the virtual data system via encryption. The risk of unauthorized access or data loss is thus completely eliminated.

totemodata® is a strategic platform for all data exchange processes. The solution monitors and secures the data flow within the company network and beyond. With the help of a web-based graphic Workflow Engine integrated into the administration con-sole, these processes can be easily configured and automatized.

The Workflow Engine makes it possible to use totemodata® for secure managed file transfer in almost any scenario. Central administration combined with a close connection to LDAP and Active Directory results in efficient and granular management of access rights and privileges. Users and administrators always keep full control over the data flow and can optionally be informed about defined processes via automatic notifications.

With the help of the Workflow Engine, data can be encrypted, moved and – if a critical size is reached – copied into a Windows Share Network or an FTP server when a predefined event occurs.

totemodata® can be configured to cover the requirements of any organization. For it is flexible, easy to integrate into the existing IT infrastructure and fully scalable.

+Automatized Certificate and Key Management
totemodata® offers automatized key and certificate management. It automatically encrypts and decrypts the transfer protocols as well as the data stored on the gateway. The files and their integrity are also checked automatically. Moreover, the solution centrally generates digital signatures and automatically enrolls and manages users.

+Administration via a Graphic User Interface
With the integrated Workflow Engine, security guidelines and workflows are centrally defined and automatically implemented in accordance with the company’s needs. Thus there is almost no room for inadvertent mistakes. Thanks to the graphic user interface of the Engine, administrators can define complex workflows even if they have no programming skills.

Companies can thus rapidly integrate new applications into totemodata®. Access rights to files and folders, users and user groups can be granularly defined and managed. Administrators can also set up email, SMS or SNMP notifications for given events.

+High Availability & Maximum Security
totemodata® can be run in clustered environments and is protected against system failure by load balancing, redundancy and failover. The solution does not store any data in the DMZ, which in turn gets no access to the internal network. The easy integration of third-party products via the standard interfaces ensures the protection of data against viruses, Trojans and loss. totemodata® also supports a large number of authentication mechanisms (e.g. LDAP, digital signatures, Shared Secrets, RSA SecurID etc.).

+Enhanced Observance of Compliance Standards
totemodata® logs all actions and events in relation to the storage and transfer of data. Data movements over the internet as well as administrator and user activity are transparently and centrally monitored, secured and logged to fulfill the requirements for internal and external audits.

totemodata® offers manifold benefits for your business regarding file transfer from human to system.

+Organization Benefits

  • Flexible and secure data exchange with internal and external partners
  • Automatized observance of company security guidelines and compliance standards for each file transfer
  • Encryption prevents unauthorized access to virtual data system
  • Cost efficiency and enhanced productivity through high level of automation
  • Investment protection and strategic freedom through numerous standard interfaces


+Administration Benefits

  • Flexible and quick integration into existing infrastructure as well as third-party systems and applications
  • Easy definition of workflows via the graphic user interface of the administration console
  • No installation of plugins or extra software for users
  • Granular access management
  • No user training necessary thanks to transparent handling


+User Benefits

  • Secure data exchange with internal and external partners as easy as email via totemodata® SendIt
  • No additional plugins or software necessary
  • Easy Dropbox-like collaboration
  • Consistent observance of corporate security guidelines and compliance standards
The totemodata® functionality can be extended by adding different modules.

+Add-On: Email Integration
totemodata® extracts email attachments of a pre-defined size and makes them available for instance via a download link. Thus even files of several MB can be securely exchanged without filling the recipient’s inbox. For ad hoc file transfer, totemodata® SendIt is a handy alternative.

+Add-On: File Exchange Proxy
totemodata® can be used as a proxy between any internal user and any download site in the internet. Thus, central data flow control, logging and monitoring as well as temporary storage in case of multiple transfers of the same data can be ensured. These functions are available even for encrypted connections since the respective transfer protocol is centrally decrypted and – if necessary – transformed into another protocol.

totemodata® is available as a software, as a virtual appliance or as a hardware appliance. The appliances are particularly suited for organizations not wanting to run their own servers. They come with a specially hardened Linux operating system. All necessary updates are made available by totemo online. They can be installed with a single click.

+Virtual Appliance
Compared with the hardware appliance, its virtual counterpart can be put into service more quickly and reduces power consumption.

It is available in various configurations and offers flexibility and scalability for organizations of any size. totemo is a VMware Technology Alliance Partner. Therefore the virtual appliance runs on any standard desktop or server system using VMware virtualization products. For the productive use use of totemodata®, VMware infrastructure (VMware EXS 3.0 or higher) or a VMware server is recommended.

Identification VA 100 VA 250 VA 500
CPU 1 1 1
RAM 1 GB 1 GB 2 GB
Storage 50 GB 130GB 265 GB

 

+Hardware Appliance
The hardware appliances are available in various configurations. This allows any organization to find the system best suited for their needs.

Identification FT 3110 FT 7110
CPU 1x Intel Core 2 Duo 2x Intel Xeon Quad Core
RAM 1x 2GB 2x 2GB
Storage 1x 3.5" 500GB HDD 2x 3.5" 500GVB HDD (RAID 1)

 

+Software

The software is available for Windows, Linux and Unix platforms.

totemodata® consists of the Secure Data Exchange Server and the Protocol Server. Both components can be run on a single host, but two separate machines are recommended for greater security.

The Secure Data Exchange Server is responsible for data storage, user and workflow management, reports and auditing functionalities. Moreover, it provides all interfaces for data storage in the company network.

The Protocol Server is installed as a perimeter in the company DMZ. It augments the security of the entire environment and processes the authentication and authorization of external partners. It also ensures that the recipients get the data via their preferred protocol. In order to do so, the Secure Date Exchange Server pushes the required data on the Protocol Server where it is only located during the transfer.

totemodata® broadly overs the business needs of data security and control even on a large scale. File transfers up to several GB can be processed both within the company network or over several networks. Since the solution supports all established protocols, totemodata® can also be used as a data hub between different systems.

With totemodata®, data can for instance be easily and securely synchronized or backupped between different network zones or geographically separate locations. It also enables regular monitored data transfers to external authorities or business partners. These data flows to the recipient system can be triggered by an administrator or via an automatized workflow.

totemodata® broadly covers the business needs of data security and control even on a large scale. File transfers up to several GB can be processed either within the company network or over several networks. Since the solution supports all established protocols, totemodata® can also be used as a data hub between different systems.

With totemodata®, data can for instance be easily and securely synchronized or backupped between different network zones or geographically separate locations. It also enables regular monitored data transfers to external authorities or business partners. These data flows to the recipient system can be triggered by an administrator or via an automatized workflow.

totemodata® is a strategic platform for all data exchange processes. The solution monitors and secures the data flow within the company network and beyond. With the help of a web-based graphic Workflow Engine integrated into the administration console, these processes can be easily configured and automatized.

The Workflow Engine makes it possible to use totemodata® for secure managed file transfer in almost any scenario. Central administration combined with a close connection to LDAP and Active Directory results in efficient and granular management of access rights and privileges. Users and administrators always keep full control over the data flow and can optionally be informed about defined processes via automatic notifications.

With the help of the Workflow Engine, data can be encrypted, moved and – if a critical size is reached – copied into a Windows Share Network or an FTP server when a predefined event occurs.

totemodata® can be configured to cover the requirements of any organization. For it is flexible, easy to integrate into the existing IT infrastructure and fully scalable.

+Automatized Certificate and Key Management
totemodata® offers automatized key and certificate management. It automatically encrypts and decrypts the transfer protocols as well as the data stored on the gateway. The files and their integrity are also checked automatically. Moreover, the solution centrally generates digital signatures and automatically enrolls and manages users.

+Administration via a Graphic User Interface
With the integrated Workflow Engine, security guidelines and workflows are centrally defined and automatically implemented in accordance with the company's needs. Thus there is almost no room for inadvertent mistakes. Thanks to the graphic user interface of the Engine, administrators can define complex workflows even if they have no programming skills.

Companies can thus rapidly integrate new applications into totemodata®. Access rights to files and folders, users and user groups can be granularly defined and managed. Administrators can also set up email, SMS or SNMP notifications for given events.

+High Availability & Maximum Security
totemodata® can be run in clustered environments and is protected against system failure by load balancing, redundancy and failover. The solution does not store any data in the DMZ, which in turn gets no access to the internal network. The easy integration of third-party products via the standard interfaces ensures the protection of data against viruses, Trojans and loss. totemodata® also supports a large number of authentication mechanisms (e.g. LDAP, digital signatures, Shared Secrets, RSA SecurID etc.).

+Enhanced Observance of Compliance Standards
totemodata® logs all actions and events in relation to the storage and transfer of data. Data movements over the internet as well as administrator and user activity are transparently and centrally monitored, secured and logged to fulfill the requirements for internal and external audits.

totemodata® offers manifold benefits for your business regarding file transfer from human to system.

+Organization Benefits

  • Flexible and secure data exchange with internal and external partners
  • Automatized observance of company security guidelines and compliance standards for each file transfer
  • Encryption prevents unauthorized access to virtual data system
  • Cost efficiency and enhanced productivity through high level of automation
  • Investment protection and strategic freedom through numerous standard interfaces


+Administration Benefits

  • Flexible and quick integration into existing infrastructure as well as third-party systems and applications
  • Easy definition of workflows via the graphic user interface of the administration console
  • No installation of plugins or extra software for users
  • Granular access management
  • No user training necessary thanks to transparent handling


+User Benefits

  • Secure data exchange with internal and external partners as easy as email via totemodata® SendIt
  • No additional plugins or software necessary
  • Easy Dropbox-like collaboration
  • Consistent observance of corporate security guidelines and compliance standards
The totemodata® functionality can be extended by adding different modules.

+Add-On: Email Integration
totemodata® extracts email attachments of a pre-defined size and makes them available for instance via a download link. Thus even files of several MB can be securely exchanged without filling the recipient's inbox. For ad hoc file transfer, totemodata® SendIt is a handy alternative.


+Add-On: File Exchange Proxy

totemodata® can be used as a proxy between any internal user and any download site in the internet. Thus, central data flow control, logging and monitoring as well as temporary storage in case of multiple transfers of the same data can be ensured. These functions are available even for encrypted connections since the respective transfer protocol is centrally decrypted and – if necessary – transformed into another protocol.

totemodata® is available as a software, as a virtual appliance or as a hardware appliance. The appliances are particularly suited for organizations not wanting to run their own servers. They come with a specially hardened Linux operating system. All necessary updates are made available by totemo online. They can be installed with a single click.

+Virtual Appliance
Compared with the hardware appliance, its virtual counterpart can be put into service more quickly and reduces power consumption.

It is available in various configurations and offers flexibility and scalability for organizations of any size. totemo is a VMware Technology Alliance Partner. Therefore the virtual appliance runs on any standard desktop or server system using VMware virtualization products. For the productive use use of totemodata®, VMware infrastructure (VMware EXS 3.0 or higher) or a VMware server is recommended.

Identification VA 100 VA 250 VA 500
CPU 1 1 1
RAM 1 GB 1 GB 2 GB
Storage 50 GB 130GB 265 GB

 

+Hardware Appliance
The hardware appliances are available in various configurations. This allows any organization to find the system best suited for their needs.

Identification FT 3110 FT 7110
CPU 1x Intel Core 2 Duo 2x Intel Xeon Quad Core
RAM 1x 2GB 2x 2GB
Storage 1x 3.5" 500GB HDD 2x 3.5" 500GVB HDD (RAID 1)

 

+Software

The software is available for Windows, Linux and Unix platforms.

totemodata® consists of the Secure Data Exchange Server and the Protocol Server. Both components can be run on a single host, but two separate machines are recommended for greater security.

The Secure Data Exchange Server is responsible for data storage, user and workflow management, reports and auditing functionalities. Moreover, it provides all interfaces for data storage in the company network.

The Protocol Server is installed as a perimeter in the company DMZ. It augments the security of the entire environment and processes the authentication and authorization of external partners. It also ensures that the recipients get the data via their preferred protocol. In order to do so, the Secure Date Exchange Server pushes the required data on the Protocol Server where it is only located during the transfer.


Mobile Security

Email has become a prevalent medium for business communications, and its popularity continues to grow. Every day, sensitive information is shared with business partners and customers via email.

Although email is critical to the rapid pace of business today, the general lack of message security is a source of concern, both for regulators and business executives. Regulations such as Sarbanes-Oxley and HIPAAQ require that email messages containing sensitive or confidential data must be handled securely. Additionally, executive correspondence and exchanges concerning personnel, legal and other confidential matters must be protected from unauthorized viewing.

The more that businesses rely on email, the more critical it becomes to protect confidential email messages from unauthorized eyes. Our encryption solution combines robust encryption with ease of use to ensure that vital business information is properly secured, yet continues to flow freely between senders and recipients.

Secure Communication - Totemo Transcoder for BlackBerry®

he BlackBerry solutions from Research In Motion® (RIM®) have made a name as effective instruments of rationalization, because they give employees anytime and anywhere access to the most important factor in today's business world: information. To protect this information BlackBerry uses a strong encryption scheme in which the data are encrypted while transmission between the BlackBerry Enterprise Server and BlackBerry devices. Why do we need then additional security layer, as offered by the Totemo AG?

In the BlackBerry solution, emails – directed at mobile devices – are conducted about so-called BlackBerry routers. If a target device is not available, the relevant emails are temporarily stored within the infrastructure of Research in Motion. In most cases you will find the BlackBerry router (of which there are only a few worldwide) not in the country of origin of the enterprise that uses the BlackBerry solution. Many security investigations criticize in the first place the central position of the BlackBerry routers in Canada and Great Britain, who control all communication with BlackBerry smartphones. No matter how safe the BlackBerry security infrastructure may be, alone the fact, that all communication runs via a few central server (on which data is possibly stored in the short term), some companies are forced to implement an additional layer of security.

Totemo TrustMail® is a solution for the secure and confidential communications over the Internet - and therefore the ideal addition to your BlackBerry® Enterprise Solution. TrustMail is one of the most innovative and successful secure messaging solutions.

For Further Information please see the Totemo Transcoder For Blackberry pdf file.