Secure E-Mail Quick Users Guide - HSH Nordbank
Secure E-Mail Quick Users Guide - HSH Nordbank
Secure E-Mail Quick Users Guide - HSH Nordbank
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>HSH</strong> <strong>Nordbank</strong> AG<br />
<strong>Secure</strong> E-<strong>Mail</strong><br />
<strong>Quick</strong> <strong>Users</strong> <strong>Guide</strong><br />
Last update<br />
June 2009<br />
<strong>Secure</strong> E-<strong>Mail</strong> – What’s it all about?<br />
With <strong>Secure</strong> E-<strong>Mail</strong> <strong>HSH</strong> <strong>Nordbank</strong> is reacting in response to the increasing threats to e-<br />
mail communication in the Internet and provides its customers and partners with an option<br />
to communicate confidential information in a secure manner.<br />
Beside the fact that e-mail is misused to transmit damaging codes (viruses, Trojans) and<br />
undesired advertising (Spam), there are three main problems which can be counteracted<br />
by <strong>Secure</strong> E-<strong>Mail</strong>:<br />
Confidentiality<br />
An e-mail can be compared to a postcard in that it can be read by anyone during transmission.<br />
One needs to be aware that nowadays the “interception” of worldwide data streams<br />
is possible by means of simple software programs which can be downloaded from the<br />
Internet. The contents of unprotected e-mails can be easily read with these programs and<br />
sensitive information could possibly fall into the wrong hands. It is a certain fact today that<br />
various organizations professionally “intercept” and evaluate e-mail traffic.<br />
Authenticity<br />
The e-mail program displays the sender. But are you aware that dispatcher details in e-<br />
mails are easily forged? This can be done with little technical support by persons with<br />
hardly any technical expertise.<br />
Integrity<br />
During transmission e-mails can be manipulated. This is also possible with comparatively<br />
little technical effort.<br />
<strong>Secure</strong> E-<strong>Mail</strong> – What do I need?<br />
The <strong>HSH</strong> <strong>Nordbank</strong> provides its customers and partners with two options for secure e-mail<br />
communication:<br />
• <strong>Secure</strong> e-mail as password protected PDF file<br />
• Encrypted e-mail communication<br />
To use encrypted e-mail communication you will need either an S/MIME certificate issued<br />
with your name and e-mail address, or a PGP code and e-mail program.<br />
If you have neither an S/MIME certificate nor PGP code, we recommend that you have an<br />
S/MIME issued (minimum: class 2) by the certification centre. The charge for this service<br />
is approximate € 30-60 per certificate/year.<br />
These certificates are always issued to specific persons and e-mail addresses allowing<br />
that person to securely communicate with any other partner.<br />
1 | 3
<strong>HSH</strong> <strong>Nordbank</strong> AG<br />
<strong>Secure</strong> E-<strong>Mail</strong> – How does it work?<br />
Whether you decide to use the PDF alternative or encrypted e-mail communication, in<br />
order to use <strong>Secure</strong> E-<strong>Mail</strong> you will need to register once. We spent every effort to set up<br />
the registration process as convenient as possible.<br />
The initial step of the registration process involves your receiving an e-mail marked confidential<br />
from a <strong>HSH</strong> <strong>Nordbank</strong> staff member.<br />
Initially, this e-mail is held back by our <strong>Secure</strong> E-<strong>Mail</strong> system and a registration mail is<br />
dispatched instead. By receiving this e-mail, your e-mail program may generate a warning<br />
signal. The reason for this is that this e-mail has been signed with an <strong>HSH</strong> <strong>Nordbank</strong> certificate<br />
which is unknown to your system. Please set your e-mail program in such a way as<br />
to trust and accept this certificate so that in future these warnings will cease.<br />
The received registration mail contains information regarding the registration process and<br />
provides you with the following option / alternative:<br />
• 1 st Option: You decide to receive a secure e-mail via a password protected PDF-file. A<br />
corresponding dialogue is asking you to set a password. This password is being used<br />
to encrypt your e-mail. You have to enter your password in order to read the secure e-<br />
mail in your PDF-viewer. Please keep your password in safe custody. You are able to<br />
answer within the PDF-file in a secure mode, too.<br />
• Alternative: You already have an S/MIME certificate or PGP code. In this case, please<br />
send the certificate in the form of a response to this registration mail to the <strong>Secure</strong> E-<br />
<strong>Mail</strong> system (S/MIME certificates can be sent by means of a digitally signed response,<br />
a PGP code as file attachment)<br />
A <strong>HSH</strong> <strong>Nordbank</strong> staff member will be available to render any support you may need in<br />
this process and, if required, issue you with a registration password.<br />
Please note: This registration process takes place only once and the <strong>Secure</strong> E-<strong>Mail</strong> system<br />
with its detailed description has been set up to be as convenient as possible.<br />
Following the successful registration, the original e-mail is then delivered and for the future<br />
secure e-mails are transmitted automatically according to the chosen registration mode.<br />
2 | 3
<strong>HSH</strong> <strong>Nordbank</strong> AG<br />
<strong>Secure</strong> E-<strong>Mail</strong> – FAQ<br />
What do I need to participate in coded e-mail communication with <strong>HSH</strong> <strong>Nordbank</strong>?<br />
Either a S/MIME certificate or a PGP code or you decide for <strong>Secure</strong> E-<strong>Mail</strong> as a password<br />
protected e-mail.<br />
If I have a S/MIME certificate, or a PGP code and send this to the <strong>Secure</strong> E-<strong>Mail</strong> system,<br />
will it be used immediately?<br />
Generally, yes. In the <strong>Secure</strong> E-<strong>Mail</strong> System there are various positions of trust set up for<br />
certificates, so that many incoming certificates are directly trusted. If this is not the case,<br />
the administration carries out a manual check. This can be combined with a telephone<br />
check of the digital fingerprint stored in the certificate or code. But don’t worry, this procedure<br />
serves security, is generally known to code users and creates confidence.<br />
What do I need in order to read coded e-mail communication from <strong>HSH</strong> <strong>Nordbank</strong> with<br />
Blackberry® ?<br />
Following this link you find further information how to use secure e-mail on your Blackberry®.<br />
Link to the document directly<br />
http://www.hsh-nordbank.de/media/secureemail/smime2009_03.pdf<br />
Link to the <strong>Secure</strong> E-<strong>Mail</strong> Internet-page:<br />
www.hsh-nordbank.com/secure_email/en<br />
Contact<br />
Regarding any problems with<br />
<strong>Secure</strong> E-<strong>Mail</strong> please contact the<br />
Service Center<br />
at <strong>HSH</strong> <strong>Nordbank</strong><br />
+49 431 900-23423<br />
3 | 3