Moving Your PGP to the Cloud? Here’s What You Need to Know

To stay competitive, you need to move your PGP – developed in 1991 – to the cloud and unlock additional features that work “for everyone”, without interrupting the critical business relationships depending on secure PGP messages.

Sounds daunting, but, with the right tools and the right managed SaaS solution it is a worthwhile investment.

Consider this, 31 per cent of IT executives say they still need to support their legacy on-premises PGP setups. Seems insignificant when you look at this statement as a simple number.

Reality is, encryption standards such as PGP and S/MIME are critical use-cases for our large enterprises, deal breakers in fact.  

Encryption standards timeline

But an on-premises PGP is resource intensive, and requires software installed on workstations and servers. The demand on your IT department can be considerable – migrating it to the cloud can take a lot of strain off your staff and unlock modern, innovative functionality.

We interviewed Echoworx PMP-certified Engagement Manager, Derek Christiansen. Derek weighed in on what you need to consider.

What you need to know when moving PGP to the cloud

Challenge 1: You need centralized key management

Moving your on-premises PGP system to the cloud should help, not hinder, your ability to send secure email. But, while the benefits to retire costly and out-of-date on-premises technology anchors are substantial, concerns about onboarding and business impacts remain. PGP and S/MIME email encryption needs to be offloaded from existing endpoints to the cloud, maintaining integrations with select business partners, without impacting anyone currently using it.

How we do it:

Echoworx offers automated PGP key generation, signing and roll-over with a simple UI to manage keys, certificates and encryption policies in a single consolidated environment. We manage the entire infrastructure, security, compliance and configuration so you don’t have to. As a boundary-based solution, customers remain onside with all existing data classification policies, email hygiene, e-discovery and protection rules. And the self-serve nature of our encryption solution ensures minimal impact on internal users and support.

“All of our features are designed to lower the total cost of ownership of PGP and S/MIME technologies,” says Christiansen. “Lowering the TCO helps organizations free up internal infrastructure and resources, preserve critical relationships with external customers and partners, stay onside with regards to compliance and security requirements – helping to maintain and even open doors with select business partners.”

Screen shot Echoworx PGP administration

Easily import, generate and manage keys from a central admin console.

Challenge 2: You need more functionality

You’re looking to update your email encryption’s functionality with a top priority of improving user experience. To achieve this, encrypted email needs to be accessible, simple to use anywhere, on any device, easy to support and equipped with flexible and configurable options for message access.

How we do it:

In addition to offering full support for PGP, including key management, Echoworx provides access to more secure ways to deliver encrypted mail, including: Web Portal, TLS (with fallback), Encrypted PDF, Encrypted Attachments Only (PDF, ZIP, Office XML) and S/MIME. Further value is found through our extensive branding options, multilingual support for up-to 27 languages (and counting) and multiple ways to authenticate users, including Passwordless, Multi-Factor Authentication (MFA), OAuth, Single Sign-On (SSO) and even Guest Compose.

“Gaining access to a modernized email encryption solution allows organizations to demonstrate their commitment to their customers,  empowering recipients to manage their own experience with minimal overhead,” says Christiansen. “And, since Echoworx operates at the ‘last hop’ of the of the customer network, integration is a snap, meaning email encryption never serves as a bottleneck to other business initiatives. We help our customers solve specific business encryption requirements like shared folder support, persistent data, multi-branding, identity validation and inbound decryption within a single dynamic platform.

Diagram Echoworx Email Encryption Platform Message Flow

Challenge 3: You need a seamless deployment

Organizations who take the step to migrate their existing on-premises PGP to the cloud are often doing so to replace incumbent technologies. The upgrade must offer a like-for-like user experience, while providing a migration path that minimizes support and reduces impact recipients. PGP and S/MIME communication flows must remain intact with the ability to reuse existing keys and certificates with options to automate and streamline key management. Policy-based encryption ensures the best email encryption experience is dynamically determined for each recipient. Each step of the migration process should empower organizations to migrate on their own schedule and terms.

PGP and S/MIME are ready out-of-the-box, enabling organizations to quickly activate and scale this capability.

The Echoworx Engagement team is with you at every step of deployment, from initial setup stages to key imports from an on-premises PGP appliance to managing all aspects of service configurations, from day-to-day setup to regular software updates.

Related: Watch a demonstration of the cloud migration and certificate encryption capabilities of Echoworx

Echoworx offers a friendly UI for certificate management where administrators can manage certificates and keys centrally and invite users, individually or in bulk, to upload their own. Combined with the Echoworx managed LDAP and configurable public LDAP directories, we can intelligently locate, utilize and roll-over keys to simplify up front and ongoing provisioning.

“Our approach allows organizations to adopt PGP and S/MIME capabilities in any one of our U.S., U.K., Canada, Ireland or German regions,” says Christiansen. “This allows them to deploy and scale email encryption capabilities on their own terms, retire old technology and realize the direct benefits of SaaS encryption.

To see a personalized demonstration or to discuss your specific needs, please reach out to book a demo with one of our encryption experts.

What You Should Do Now

  1. Request your FREE personalized demo. Let us show you how you can get more of email encryption – to help you apply secure digital communication to different business cases.
  2. Visit our FREE library of self-serve demonstration videos to see how Echoworx helps organizations address a variety of common business cases.
  3. If you wish to learn more about the power and value of effective email encryption, visit our Blog or Resources Library to download guides, read up on the latest strategies and case studies of our most-successful clients.
  4. Know someone else who would enjoy reading this page? Share it with them via email, LinkedIn, Twitter or Facebook.

Stay Updated With the Latest Encryption & Security Trends

Sign up to get our latest articles sent directly to your inbox.

Your email will not be shared with any 3rd party. See our Privacy Policy.