PGP Desktop Email

Overview

Email is the most important business communications system in the world, enabling organizations to efficiently interact with customers, clients, and business partners. Yet unprotected email poses a critical risk to an enterprise’s most sensitive data: customer information, financial data, trade secrets, and other proprietary information. Exposure of this information to unauthorized parties can result in financial loss, legal ramifications, and brand damage.

PGP® Desktop Email provides enterprises with an automatic, transparent encryption solution for securing internal and external confidential email communications. With PGP Desktop Email, organizations can minimize the risk of a data breach and comply with partner and regulatory mandates for information security and privacy.

• Easy, automatic operation–Protects sensitive email without changing the user experience.
• Enforced security policies –Enforce data protection automatically with centrally managed policies.
• Accelerated deployment–Achieves end-to-end email encryption using the existing infrastructure.
• Reduced operation costs–Result from centralized automation of email encryption policies.

As a PGP® Encryption Platform–enabled application, PGP Desktop Email can be deployed with PGP Universal™ Server for central management of existing policies, users, keys, and configurations. This solution expedites deployment and enables consistent policy enforcement. In combination with other PGP® encryption applications, PGP Desktop Email provides multiple layers of security.

Technical Specifications

Technical Specifications

Supported Operating Systems

• Microsoft Windows Vista (all 32-bit and 64-bit versions, including Service Pack 1)
• Microsoft Windows 2000 (Service Pack 4)
• Microsoft Windows Server 2003 (Service Pack 1 and 2)
• Microsoft Windows XP Professional 32-bit (Service Pack 1, 2 or 3)
• Microsoft Windows XP Professional 64-bit (Service Pack 2)
• Microsoft Windows XP Tablet PC Edition 2005 (requires attached keyboard)
• Mac OS X 10.4.x and 10.5.x (Intel & Power PC)

Localization

• English
• German
• Japanese

Authentication Options

• OpenPGP RFC 4880 keys
• X.509 keys

Messaging Protocols

• POP3
• IMAP
• SMTP
• MAPI
• Lotus Notes

Messaging Security Standards

• PGP/MIME RFC 3156
• OpenPGP RFC 4880
• S/MIME v3 RFC 2633
• X.509 v3

Supported Email Clients

• Microsoft Outlook 2007 SP1 (Outlook 12)
• Microsoft Outlook 2003 SP3
• Microsoft Outlook XP SP3
• Microsoft Outlook 2000 SP3
• Windows Mail 6.0.6000.16386
• Outlook Express 6
• Mozilla Thunderbird 2.0
• Lotus Notes 6.5.6, 7.0.3, and 8.0.1
• Novell GroupWise 6.5
• Apple Mail 2.1.1 and 3.3
• Microsoft Entourage 2008

Supported IM Clients

• AOL Instant Messenger 5.9x, 6.5.5 for Windows
• Trillian 3.1 (Basic and Pro)
• Apple iChat 3.1.x, 4.0 for Mac OS X

Symmetric Key Algorithms

• AES (up to 256-bit keys)
• CAST
• TripleDES
• IDEA
• Twofish

Hashes

• SHA-2 (up to 512-bit hashes)
• SHA-1
• MD5
• RIPEMD-160

Public Key Algorithms

• Diffie-Hellman
• DSA (1024-bit keys only)
• RSA (up to 4096-bit keys)

Centralized Management Requirements

• PGP Universal™ Server

*PGP Universal Server requires a dedicated server.

Two-Factor Authentication

PGP® Desktop Email recognizes and works with the following:

• DoD Common Access Cards (CACs) with the ActivCard Gold 2.0 profile
• Athena Smart Card Solutions smart cards, including the ASEKey USB token
• AET SafeSign smart cards, including ASEKey 1.0
• Axalto (formerly Schlumberger) smart cards, including the Cryptoflex 32K
• SafeNet smart cards, including iKey 2032
• Aladdin smart cards, including eToken PRO USB 16K, 32K, and 64K
• GemPlus smart cards, including SafesITe and GemXpresso Pro, using GemSafe Libraries 4.2.0-015 (Gold)

PGP Desktop Email also recognizes and works with smart cards from other vendors, if the vendor includes a standards-based PKCS-11 library in its software drivers.

FAQ

General

What is PGP Desktop Email and why is it important?

PGP Desktop Email is an innovative desktop email encryption solution that automatically encrypts email based on policy using open standards. PGP Desktop Email operates as a proxy, increasing performance, removing the need for application- and version-specific plug-ins, and eliminating potential email application conflicts or incompatibilities.

PGP Desktop Email encrypts email as it is received and sent, without affecting the end-user email experience. PGP Desktop Email secures data sent in email from unauthorized access, including administrators with access to the mail server data store.

What business problem does PGP Desktop Email solve?

Email sent to and from an organization can contain the most sensitive customer, patient, financial, or intellectual property data. PGP Desktop Email allows organizations to meet audit and compliance requirements while securing their brand. Because PGP Desktop Email does not affect the end-user email experience, it does not impact productivity.

What are the key benefits of PGP Desktop Email?

PGP Desktop Email provides organizations with the following benefits:

• Easy, automatic operation–Protects sensitive email without changing the user experience.
• Enforced security policies–Automatically enforce data protection with centrally managed policies.
• Accelerated deployment–Achieves end-to-end email encryption using the existing infrastructure.
• Reduced operational costs–Results from centrally automating email encryption policies.

How does PGP Desktop Email work?

PGP Desktop Email operates as a local, desktop mail proxy service, automatically encrypting/decrypting messages according to policy. PGP Desktop Email supports the two global email encryption standards, OpenPGP and S/MIME, automatically discovering keys and certificates. When centrally managed by PGP Universal™ Server, the PGP Desktop Email key management, policy, and software updates are managed by PGP Universal Server.

What is the end-user experience?

For end users, PGP Desktop Email operates in the background, processing email messages based on policy. If allowed by policy (or if not managed by PGP Universal Server), end users can adapt email encryption policies and change configuration through the PGP Desktop Email application interface. When encryption or digital signature operations are performed, the PGP Desktop Email notifier window alerts users that an operation is being performed and its status.

What's new in PGP Desktop Email 9.9?

New features in PGP Desktop Email 9.9 include the following:

• Offline Policy Controls–Administrators can now enforce policy for offline users by controlling what happens to email when the PGP Universal Server cannot be reached by PGP Desktop.
• Expanded client controls–Enables the organization to better meet security requirements by locking down which features are enabled, visible to the user, and enforced.*
• Increased authentication options–Perform two-factor authentication using smart cards such as the RSA SID800.
• Trusted Platform Module (TPM) support–Protects encryption keys against unauthorized access.
• Rapid deployment process–Speeds deployment by automating the installation and configuration process.

*Requires PGP Universal Server 2.9

What languages (localization) does PGP Desktop Email support?

The PGP Desktop Email user interface is localized in English, German, and Japanese.

Is the product source code available for download?

Yes. To validate the integrity of its products, PGP Corporation releases all product source code, including PGP Desktop Email, for peer review. For more information, see PGP® Source Code.

How does PGP Desktop Email fit into the PGP Encryption Platform architecture?

PGP Desktop Email is a PGP Encryption Platform–enabled application managed by PGP Universal Server. Account management, key management, and policy and software update distribution are automated for all PGP Encryption Platform–enabled applications.

Technical

What operating systems are supported?

PGP Desktop Email is supported on the following operating systems:

• Microsoft Windows Vista (all 32-bit and 64-bit versions, including Service Pack 1)
• Microsoft Windows 2000 (Service Pack 4)
• Microsoft Windows Server 2003 (Service Pack 1 and 2)
• Microsoft Windows XP Professional 32-bit (Service Pack 1,2 or 3)
• Microsoft Windows XP Professional 64-bit (Service Pack 2)
• Microsoft Windows XP Tablet PC Edition 2005 (requires attached keyboard)
• Microsoft Windows XP Home
• Mac OS X 10.4.x and 10.5.x (Intel and Power PC)

What email clients are supported?

PGP Desktop Email has been tested to interoperate with the following email clients:

• Microsoft Outlook 2007 SP1 (Outlook 12)
• Microsoft Outlook 2003 SP3
• Microsoft Outlook XP SP3
• Microsoft Outlook 2000 SP3
• Windows Mail 6.0.6000.16386
• Microsoft Outlook Express 6
• Mozilla Thunderbird 2.0
• Lotus Notes 6.5.6, 7.0.3, and 8.01
• Novell GroupWise 6.5
• Apple Mail 2.1.1 and 3.3
• Microsoft Entourage 2008

What encryption algorithms are supported?

PGP Desktop Email supports the following public key and symmetric key encryption algorithms:

Symmetric Key Algorithms

• AES (up to 256-bit keys)
• CAST
• TripleDES
• IDEA
• Twofish

Hashes

• SHA-2 (up to 512-bit hashes)
• SHA-1
• MD5
• RIPEMD-160

Public Key Algorithms

• Diffie-Hellman
• DSA (1024-bit keys only)
• RSA (up to 4096-bit keys)

How does PGP Desktop Email integrate with directory systems?

PGP Desktop Email supports automatic OpenPGP key and X.509 certificate discovery by searching LDAP directories, PGP Universal Servers, the PGP® Global Directory, and PGP® keyservers.