Echoworx Blog

PGP & S/MIME Is Changing: What Enterprises Need to Know

Encryption Features    | May 22, 2025
Professional black woman smiling and using a mobile phone. Business woman checking her messages while working from her desk.

In the world of certificate-based encryption, efficiency and compliance are critical—especially for enterprises operating in regions with strict regulatory standards like the DACH region.

Echoworx’s latest release focuses on enhancing our S/MIME and PGP encryption capabilities, aligning with the best practice recommendations of The German Federal Office for Information Security (BSI). These updates ensure seamless workflows, stronger security, and compliance with global standards, all while reducing the administrative burdens of managing encryption at scale.

Let’s explore how our recent enhancements address common challenges in certificate-based encryption, providing measurable value for enterprises worldwide.

S/MIME Enhancements: Simplifying Certificate Management

Managing S/MIME certificates can be a time-consuming and error-prone task, especially in large enterprises with complex email systems. We’ve introduced several updates to eliminate these inefficiencies:

  • SwissSign Integration: Following DigiCert last year, this new trusted Certificate Authority integration allows you to automatically generate S/MIME certificates on demand, enabling seamless outbound message signing without manual intervention. It reduces administrative overhead and ensures certificates are always available when needed.
  • Global LDAP Directory Publishing: X.509 public certificates are now published to the Echoworx Global LDAP Directory, streamlining certificate discovery and management. No more wasted time searching for certificates or dealing with disruptions in secure communications.
  • Improved Credential Logic: Our auto-generated S/MIME credentials now use the SENDER MIME header, optimizing the handling of group mailboxes and forwarded messages. This ensures smoother communication workflows, even in complex email configurations.
  • Retry Mechanism for Certificates: Service outages happen, but they shouldn’t disrupt your encryption processes. Our system now retries certificate requests during temporary outages, ensuring smooth operations even in less-than-ideal conditions.
  • Enhanced Security Controls: Uploaded or generated S/MIME private keys are now restricted to mapped profile domains, providing an additional layer of security for sensitive communications.
Overview of Echoworx S/MIME Process

S/MIME mail flow using Echoworx Email Encryption.

PGP Enhancements: Advancing Key Management

PGP encryption remains a cornerstone of secure communication for many enterprises but managing PGP keys can be challenging. Our updates address these pain points head-on:

  • Signed-Only Messages: Outbound messages can now be digitally signed using PGP without requiring encryption, providing flexibility for scenarios where message authenticity is essential, but encryption isn’t required.
  • Key Harvesting: Echoworx now saves encryption-valid public keys from inbound PGP messages for future use, complete with full audit reporting. This reduces the need for manual key management and speeds up encryption processes.
  • Domain-Restricted Keys: Uploaded or generated PGP private keys are now securely restricted to mapped profile domains, ensuring tighter control over sensitive assets.
  • Expanded Directory Searches: We’ve broadened our search capabilities to include additional third-party public LDAP directories, making it easier to find and use PGP keys when needed.

User-Focused Improvements: Enhancing Communication Security

In today’s fast-paced business environment, even small inefficiencies in communication workflows can add up, creating significant challenges at scale. That’s why we’ve introduced updates designed to enhance security and usability:

  • Sender Verification: We now verify DKIM and SPF on messages routed to Echoworx for encryption, enhancing email authenticity and reducing the risk of phishing attacks.
  • Retry Mechanisms & Expanded Directory Searches: Both S/MIME and PGP workflows now benefit from expanded LDAP directory capabilities and retry mechanisms, ensuring seamless operations even during disruptions.

S/MIME Webinar

What this means for you: These enhancements improve the reliability and security of your communication workflows, so your team can focus on their work without headaches.

Complicated S/MIME and PGP workflows aren’t just annoying—they slow you down, cause mistakes, and cost money. At scale, they become a huge frustration for everyone.

Our latest updates remove hassles. Better security, easier to use, and no more wasted time. Whether you’re in IT or making big decisions, these updates help you work faster, cut costs, and stay compliant without stress.

Ready to get rid of the headaches? Contact us to learn how we can simplify your S/MIME and PGP workflows.

Subscribe to the Echoworx Blog

This field is for validation purposes and should be left unchanged.