Frequently asked questions
Yes, Echoworx offers migration support for customers migrating from existing email encryption solutions. Check out our Integrations & Deployment page for more details on what to expect.
Yes. Echoworx offers full onboarding services. All customers are assigned a dedicated resource from the Echoworx Client Engagement team. These team members are technical experts of the platform and skilled project managers. Full administrator and user documentation is provided in HTML and PDF formats along with “train-the-trainer” materials. Learn more about onboarding here.
We support both private cloud and dedicated cloud.
Echoworx abides by the laws of the countries we do business in or with and assist customers in their compliance initiatives for PIPEDA and HIPPA. The Echoworx email encryption solution, our policies and procedures are audited annually for compliance against PCI, SOC2, and WebTrust. Read more about our Cloud Security Assurance
Echoworx provides the ability for customers to host in different geographic regions. Currently our SOC2, PCI DSS, and ISO-certified data centres are located in: US, UK, Canada, Ireland, or Germany. Echoworx deploys and fully manages the solution with no third-party access to our instances. Full details can be found here
Existing email gateway, either on-premises or cloud based. Service access is restricted to using TLS only for connection. Inbound email must pass through mail security flows (AV/AS).
Yes. Echoworx is committed to improving accessibility as outlined in our AODA statement of commitment. This commitment extends to our people-focused encryption platform where the tailored level AA rated interface, ensures experience is not affected by language preference or customization. Each release of the software is tested for compliance against the WCAG 2.1 AA accessibility standards. We welcome and incorporate detailed customer feedback into our design processes. Many aspects of the platform can be tailored to meet the customer’s requirements, including web content, branding and email notifications.
No. Echoworx does not use proprietary encryption algorithms or standards in our products. As part of PCI and SOC2, our list of algorithms is reviewed regularly. Please refer to our security brief that outlines the encryption and algorithms supported.
Numerous encryption methods ensure seamless communication to a variety of recipients:
TLS Encryption with Fallback | S/MIME | PGP | Full Message Encryption | Encrypted Attachments (PDF, Office Document, Zip) | Web Portal. Learn more about Echoworx’s numerous delivery methods here.
Yes. Echoworx can be used to read and send messages from iPhone, Android, Blackberry and Windows Mobile devices. No mobile app, additional software or special setup is required. Our tailored interface, rated AA level for Web Content Accessibility, ensures experience is not affected.
Echoworx’s numerous authentication methods include:
- User ID/PWD
- No Authentication
- Out of Band
- Biometrics (Fido2)
- oAuth (social connectors)
- API integration from existing portals
- Sender Set
Learn more about Echoworx’ flexible authentication controls and assess here.
Yes. Echoworx's cloud-based encryption supports both Exchange online and on-premises. We support all popular email platforms. If you can send email, Echoworx can encrypt it.
Learn more about Echoworx's integration and secure email flow here.
Customization includes 8 message delivery options that can be changed at anytime. Extensive branding control of logo, colors and other specific imagery. Customizable messages in header and footer including per-language template-sets. Advanced branded pickup portal and online help centre. Support of vanity domains. 28 configurable language options. 9 authentication options. Administrators have full access to system management and profile customization through the easy to use web admin console. End users have full control of their language and message delivery options.
Yes. Data retention policies are flexible and configurable for each customer. The Echoworx policy engine can map specific senders, domains, or AD groups to the appropriate retention policy. Other options such as keyword and recipient-based mapping are also available. 90-day retention is available out of the box with longer retention periods available upon request.
Yes. Echoworx can sign plain text, S/MIME or PGP encrypted messages, as well as PGP encrypted attachments. DMARC/DKIM is also fully supported for all outbound messages. Additionally, Echoworx can configure encrypted mail to route back to your organization for sending and DKIM application.
Security Assurance & Certification Programs