- Secure Business Email
-
- Z1 SecureMail Gateway
Z1 SecureMail ONE
Email encryption for Businesses - Plans & Pricing
Overview Z1 SecureMail products Z1 SecureMail Webinars
Introduction
Register now→
Email encryption
with Z1 SecureMail
Duration: < 1 h
- Z1 SecureMail Gateway
-
- Z1 Energy
-
- Z1 Energy
Message broker for the energy sector Energy Webinars
Communication
Register now→
in the energy sector
with Z1 Energy
Duration: < 45 min
- Z1 Energy
-
GlobalCrypt®: A smarter way to encrypt and sign emails between organizations
GlobalCrypt® is a built-in feature of Z1 SecureMail
GlobalCrypt® makes email encryption between organizations easy
You’ve probably heard of Alice and Bob. The classic duo when it comes to explaining email encryption. It goes like this: Alice sends an email to Bob and encrypts the message using Bob’s personal certificate. But imagine this: Alice now runs Alice Inc – Bob runs Bob Ltd. So it’s no longer just two individuals exchanging emails, but entire organizations with hundreds of employees.
This is where GlobalCrypt® comes in. It enables domain-to-domain certificate encryption and signing with very little administrative overhead. So anyone from domain A (Alice Inc.) can send encrypted emails to anyone from domain B (Bob Ltd.) – automatically. And if individual user certificates are required, they work in parallel.
Alice and Bob using individual certificates
The standard case: In B2B email encryption, each employee typically uses their own certificate. Managing hundreds of individual certificates for own employees as well as searching the certificates of communication partners is usually a tedious and error-prone task.
Z1 SecureMail automates this process like no other gateway solution on the market – thanks to CertMagic®. It ensures that your own keys and certificates are managed through the lifecycle as well as checking the certificates of your communication partners with automatic retrieval and validation, so your teams stay secure without having to worry about the technical details of encryption.
Alice and Bob’s businesses can also use GlobalCrypt®
With GlobalCrypt®, secure communication becomes a global setting: Anyone at Alice Inc. can now send signed and encrypted emails to anyone at Bob Ltd. using their companies domain certificates.
GlobalCrypt® elevates security and confidentiality to the next level – to a truly global level. When both sides use Z1 SecureMail with GlobalCrypt®, domain-to-domain encryption works out-of-the-box – no manual certificate exchange required.
Joining the GlobalCrypt® universe of secure communication
Organizations using GlobalCrypt® benefit from the same effortless setup and strong security – across all connected domains.
Even if your communication partner doesn’t use Z1 SecureMail, encryption will work automatically if they have an X.509 S/MIME domain certificate. Just import their domain certificate (one certificate per domain) in your gateway and mark it as trusted.
That is the beauty of GlobalCrypt®. All businesses, offices, public services, etc. can easily be part of GlobalCrypt® and enjoy the barrier-free secure communication.
User and domain certificates on Z1 Global TrustPoint
How to start GlobalCrypt®?
Step 1: Automatically enabled
GlobalCrypt® is a built-in feature of our email encryption gateway, Z1 SecureMail. With the setup of the solution your company automatically receives a domain certificate, ensuring instant encryption capabilities. User and domain certificates are automatically published to Z1 Global TrustPoint where your contacts can find them.
Step 2: Preset or custom security policy
With GlobalCrypt® you will use a predefined domain-to-domain encryption with every other company that uses Z1 SecureMail. Set a custom policy to prioritize domain certificates with specific partners that have third party gateway solutions.
Step 3: Fully automated encryption
Now, any employee can send encrypted emails using a single domain certificate. Emails to any Z1 SecureMail-enabled domain are automatically encrypted – no certificate exchange required. Of course, individual certificates can also be used in parallel.
Simplify secure business mail with GlobalCrypt®
Simplified management
When domain-to-domain encryption is in place, individual certificates for each user aren’t needed. Employees leave, new ones join – the encryption remains intact.
Scalability
As organizations grow, domain-to-domain encryption accommodates an increasing number of users without the need for additional configurations or certificate purchases, making it a scalable solution for expanding businesses.
Interoperability
Some organizations, like Deutsche Rentenversicherung, require domain certificate encryption. Being able to support this method isn’t just a technical advantage, it’s often a prerequisite for doing business.
User vs. domain certificates?
No need to choose!
With Z1 SecureMail, you get both worlds. Both methods work complementary and are integrated in our gateway solution.
Use cases where domain-to-domain email encryption excels
Inter-Organizational communications
When two companies regularly exchange sensitive information, domain-to-domain encryption ensures that every email is automatically protected. No forgotten encryptions – just secure collaboration that works every time.
Regulatory compliance
GDPR, NIS2, DORA … if your industry has strict compliance standards, you’ve got to make sure that every email is encrypted, no exceptions. With domain-to-domain encryption, your can protect all of your organization’s emails, no matter which employee sends them without the hassle of managing hundreds of user certificates.
Securing networks
When everyone on a network is using the same encryption solution, sensitive data remains secure at every stage. We see these examples in practice, for example in networks such as lottery associations across Europe.
Read success storyFAQ GlobalCrypt®
GlobalCrypt® is included in all Z1 SecureMail business offers. It is part of Z1 SecureMail ONE and Z1 SecureMail Gateway as well as all enterprise offers.
Yes, if you imagine two companies with their gateways. The emails will be encrypted from one gateway to the other gateway – so from one end of the communicating legal entity to the other legal entity.
GlobalCrypt® is content encryption, with TLS (Transport Layer Security) the channel is encrypted. If this gets broken, the email can be accessed as plain text. Spying and altering of encrypted emails is not possible.
You do not need to set up a secure connection. All Z1 SecureMail domains use GlobalCrypt® as default security. No extra effort, just out-of-the-box.
Not at all, you can have both at the same time. Z1 SecureMail has both of them and plays them as needed!