Securing your Email with S/MIME

Today we start an awesome mini-series from one of our support gurus, DragonFly, about how S/MIME works in general, followed by tutorials on how to implement S/MIME in TouchDown on iOS, Android and Mac platforms. Check out today’s tutorial on iOS!

Hi,

Dragonfly from NitroDesk support here. Today I’ll be describing how to import and use S/MIME in Touchdown for iOS. Using this functionality you can sign messages, proving that you are the person sending that particular message, and optionally encrypt them, meaning the email will only be readable by the people you have included in the message. Signing provides you with non-repudiation and can potentially detect tampering on the fly, while encryption prevents unauthorized viewing of the message. This type of functionality is great for keeping your emails safe and ensuring that information is coming from the right source. (For more information on how S/MIME works, here’s a good tutorial: http://technet.microsoft.com/en-us/library/aa995740%28v=exchg.65%29.aspx) Just know that to send an encrypted email, you need to have the recipient’s public key, and vice versa; these can be verified from within Touchdown when that person sends you a signed message. Here’s what you’ll need before you get started:

First, you’ll need a certificate for S/MIME signing and the latest version of Touchdown. To get a certificate for S/MIME, you’ll want to contact your IT team. Also, keep in mind that the only two certificate file types Touchdown supports are .pfx and .p12. The certificate file needs to include the complete chain to the root certificate authority.

If you already have your certificate in IE but need to export it to your desktop, here’s how (in IE):

1. Go into Settings > Internet Options, and click on the Content tab.

2. Click on Certificates, and find the one you want to export

3. Click Export. Make sure you choose the option to export the private key and also to include all certificates in the certification path.

4. Choose a file path, and save it.

5. Remember the password you use to perform the export. This password prevents anyone else from being able to access the certificate. If you’re having difficulty with this process, contact your IT team and see if there’s another way you should be doing it. As with any operation like this, make sure you are staying within your IT team’s best practices so you stay in alignment with any security policies.

6. Once you have your certificate backed up to a file, send that file to your email as an attachment, and you’re ready to go.
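One way to confirm that an exported .pfx/.p12 really contains the private key and the complete chain up to a self-signed root, as step 3 requires. This is an added example using the OpenSSL command line, not part of the original tutorial; the function name `pfx_summary`, the script name and the `PFX_PASS` variable are assumptions of the example.

```shell
#!/usr/bin/env bash
# Added example. The export password is read from the PFX_PASS environment
# variable so it does not show up in the process list.

# Prints one line: key=<yes|no> certs=<count> root=<yes|no>
pfx_summary() {
  local pfx="$1" key=no certs=0 root=no tmp c
  tmp=$(mktemp -d) || return 2
  # Extract certificates only; no private key material is written to disk.
  if ! openssl pkcs12 -in "$pfx" -nokeys -passin env:PFX_PASS \
         -out "$tmp/certs.pem" 2>/dev/null; then
    rm -rf "$tmp"; echo "error=cannot-open"; return 2
  fi
  certs=$(grep -c 'BEGIN CERTIFICATE' "$tmp/certs.pem" || true)
  # Is a private key present? The key only passes through a pipe to grep.
  if openssl pkcs12 -in "$pfx" -nocerts -nodes -passin env:PFX_PASS \
       2>/dev/null | grep -q 'PRIVATE KEY'; then
    key=yes
  fi
  # Split the bundle into one file per certificate; a certificate whose
  # subject and issuer match is self-signed, i.e. the root of the chain.
  awk -v d="$tmp" '/BEGIN CERTIFICATE/{n++} n{print > (d "/c" n ".pem")}' \
    "$tmp/certs.pem"
  for c in "$tmp"/c[0-9]*.pem; do
    [ -f "$c" ] || continue
    if [ "$(openssl x509 -in "$c" -noout -subject_hash)" = \
         "$(openssl x509 -in "$c" -noout -issuer_hash)" ]; then
      root=yes
    fi
  done
  rm -rf "$tmp"
  echo "key=$key certs=$certs root=$root"
}

# Usage: PFX_PASS='...' bash check_pfx.sh export.pfx
if [ "$#" -gt 0 ]; then pfx_summary "$1"; fi
```

A result of `key=yes` with `root=yes` matches what the export step asks for; `certs=1 root=no` means the certification path was not included. With OpenSSL 3.x, exports protected with older ciphers may need the `-legacy` option added to the `pkcs12` calls.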

Let’s start with the iOS version.

S/MIME for iOS

In this demo, I show how to send an encrypted email to the ‘welovenitrodesk’ account.

First, I want to ensure that I have my certificate for S/MIME, so I find the email with the attached certificate, and view it in the attachment list.

The attached certificate, note the file type is .pfx. 

After downloading, I click the ‘I’ icon and choose to ‘Import for both.’

Choose Import for Both.

A password prompt appears.

Enter your certificate password here that was created when you generated the certificate. 

After entering the correct password (this is set up when exporting the certificate from your browser; for help with this, please contact your IT team), it will tell you your certificate has been saved.

Saved certificate message. 

Now that I have a certificate, I’m ready to send the account welovenitrodesk an encrypted message:

I click on the tools/options icon and enable Encryption and signing.

Tools icon to enable encryption signing.

Enable signing and encryption for the email.

I send the email. If you suddenly see this message (see below), it means you didn’t validate the recipient’s public certificate key from a signed message. (This can also be done over the GAL if your company supports it.) Remember how I said earlier that to send an encrypted email, you need the recipient’s public key? Now I just need to fetch it. Thankfully, a while back welovenitrodesk sent me a signed message, which contains the key.

Oops!

I find the email where welovenitrodesk sent me the key, and click on the lock icon.

Welovenitrodesk sent me a signed message.

I click ‘verify signature’ and it verifies.


Now I can send that encrypted message!

The second time, I attempt to send the encrypted message again. This time it comes through.

Back in welovenitrodesk, after having imported the public certificate and the welovenitrodesk certificate, I check the encrypted message, and am able to successfully decrypt it.

The signed and encrypted email.

Clicking on the lock icon, I can confirm that it is indeed signed and encrypted.
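The same exchange reproduced with the OpenSSL command line: a signed message carries the signer's certificate, verifying it is what makes that certificate available, and only then can a message be encrypted to that person. This is an added example, not part of the original tutorial; the demo CA, the `example.test` addresses, the script name and all function names are assumptions, and in practice the trusted root would be your organization's CA certificate.

```shell
#!/usr/bin/env bash
# Added example: constructed identities and a throwaway demo CA.

make_ca() {        # demo root CA -> ca.key, ca.pem
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo Root CA" \
    -keyout ca.key -out ca.pem 2>/dev/null
}

new_identity() {   # $1 = name -> $1.key, $1.pem (issued by the demo CA)
  openssl req -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" \
    -subj "/CN=$1/emailAddress=$1@example.test" 2>/dev/null &&
  openssl x509 -req -in "$1.csr" -CA ca.pem -CAkey ca.key -CAcreateserial \
    -days 1 -out "$1.pem" 2>/dev/null
}

# Signing attaches the signer's certificate to the message by default.
send_signed() {    # $1 = signer name, $2 = text, $3 = output message
  printf '%s\n' "$2" |
    openssl smime -sign -signer "$1.pem" -inkey "$1.key" -out "$3"
}

# "Verify signature": validate against the trusted root and, only if that
# succeeds, save the signer's certificate for later use.
learn_cert() {     # $1 = signed message, $2 = trusted root, $3 = cert to write
  openssl smime -verify -in "$1" -CAfile "$2" -signer "$3" \
    -out /dev/null 2>/dev/null
}

# Encryption needs the recipient's certificate; it fails without one.
encrypt_to() {     # $1 = recipient cert, $2 = text, $3 = output message
  printf '%s\n' "$2" | openssl smime -encrypt -aes256 -out "$3" "$1"
}

# Only the holder of the matching private key can decrypt.
# S/MIME canonicalises text to CRLF line endings; strip the CR for display.
decrypt_as() {     # $1 = identity name, $2 = encrypted message
  openssl smime -decrypt -in "$2" -recip "$1.pem" -inkey "$1.key" | tr -d '\r'
}

if [ "${1:-}" = demo ]; then   # run as: bash smime_demo.sh demo
  cd "$(mktemp -d)" && make_ca && new_identity welovenitrodesk &&
  send_signed welovenitrodesk "signed hello" signed.eml &&
  learn_cert signed.eml ca.pem learned.pem &&
  encrypt_to learned.pem "for your eyes only" enc.eml &&
  decrypt_as welovenitrodesk enc.eml
fi
```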

Hope this helps you get a better understanding of how to use S/MIME functionality with Touchdown for iOS. If you have any questions, please feel free to contact us at iossupport@nitrodesk.com for any iOS queries. Be sure to check in on Monday for Part II, SMIME for Android. Thanks for reading!

Hot off the Press – new version of TouchDown for iOS

Yes, yes, yes, it’s a holiday present for you! Fresh in the iOS App Store, you will find the newest iOS release of TouchDown (3.6.2) with these updates:

  • SMIME support fixes
  • Updated layout for the iPad
  • Updated support for Themes

How to access these fun new themes? Simply go to Setting > General > Themes.

Pick the one of your choice, and exit out of the app and reopen to see the changes. Here’s a few shots:

Forest Color Palette

Forest Theme of iOS

Dawn Color Palette with calendar event pop-up

TouchDown for iOS Dawn Theme

Ocean Color Palette in Contacts

Ocean Theme TouchDown for iOS

In order to see everything change to the new theme, you will need to CLOSE the App, then reopen, and you will see the theme applied to each element.

Have fun!

Tasks in Touchdown for iOS

Today we wanted to touch (no pun intended – well, maybe a little) on how to utilize tasks in iOS. (Not iOS7, we’ll get to that once iOS7 is officially released. Patience, iPhone lovers!)

Open Touchdown and Tap the Tasks button.

There are several functions, such as Sort, Filter and Search that I find really critical.

SORT allows you to sort Tasks in the list by:
Subject, Start Date, Due Date or Importance, in either Ascending or descending order.

FILTER
helps you organize your Task list. You can filter by Folder, Category or status such as pending, complete, Overdue or Due today.  I like to have mine set for “due in the next seven days” so I have an overview of all the things I have to get done this week. There are many more options such as “Today AND Overdue Tasks,” etc.  You can totally nerd out on this little detail to make it work for your needs.

SEARCHING FOR TASKS
Open Tasks & pull down on the Tasks bar.
Type in your search criteria.
The best matches for your search criteria will appear below the search bar. Voilà!

(To search for Tasks in other folders, Tap the Tasks button, enter search criteria and click search.)

CREATING A NEW TASK

Open TouchDown  and Tap the Tasks button.
Tap the New button and fill in your info!

Pretty nifty. Task away! (I’m off to write in more tasks…)

Want more mini tutorials? You can find them all in one place right here in our Nitrodesk Knowledge Base!

How to work with Tasks in Touchdown

We love the Tasks function in Touchdown. Whether you use your Android phone or tablet, the Tasks functionality of Touchdown keeps you organized and makes sure that you have dotted all your “I’s” and crossed all your “T’s.” Features related to tasks include the ability to set reminders, priority levels, privacy levels, and to categorize tasks. The main task screen will show you which tasks have been completed and which are still outstanding (I love that part.) Outstanding tasks will also show up on the main home screen of TouchDown.

Here is a brief synopsis of Filter, Sort and Refresh:
FILTER
The Filter function helps you organize your Task list.
You can filter by Folder, Category or even by the following statuses:
All, Completed, Pending, Overdue, Active, Due Today, Next Seven Days, No Due Date, With Due Date,  AND Today and Overdue.
Phew! Choose your favorite way of filtering!
SORT
allows you to sort your Tasks in the list by:
None, Category (ascending), Category (descending), Subject (ascending), Subject (descending), Start Date (ascending), Start Date (descending), Due (Ascending), Importance (ascending), and Importance (descending)
You can choose up to three options at once.
(I use category and subject the most.)
REFRESH
removes all Tasks from the TouchDown Task list and repopulates the list with the Tasks from the server. However, a Refresh will permanently delete changes made on the device if they have not yet synced to the server, and repopulates with only the data that is available on the server. (This is different from a Sync command in that a Sync will check the server for changes and also report changes made from the device to the server.)

MAIN FUNCTIONS
Along the top of an open task, you have simple controls that allow you to cycle through tasks using forward and back arrows, change the status of a task, categorize the task view with the palette button, or to delete or add a new task.  In the individual task view you can see a summary of the due dates, status, privacy, importance, etc.  Along the bottom, any notes will display that you have associated with the task.

Using Astrid and worried that you won’t have it any longer come August 5th when it gets shut down?  We’ll help you 🙂

Encrypted Email in TouchDown

More and more people are using encrypted email as news about the NSA watching our email and hackers stealing our personal information looms large. We take the encryption and security of your information very seriously here at NitroDesk, which is why our TouchDown email app uses AES-256 encryption.

SSL and TLS are the main tools that provide the majority of security in the transmission of data over the Internet today. Although these are cited as being “secure,” there is actually quite a range in the level of security that is provided, depending on what encryption technique or cipher is utilized. Like any software, some of these encryption tools are quite weak, while others are very secure.

When choosing an encryption tool for TouchDown, AES (Advanced Encryption Standard) was the clear and obvious choice for its speed and high level of security. It is based on the Rijndael cipher developed by Belgian cryptographers Vincent Rijmen and Joan Daemen. AES was standardized in 2001 after a 5 year review, and is currently one of the most popular algorithms used in symmetric key cryptography (which, for example, is used for the actual data transmission in SSL and TLS). It is also the “gold standard” encryption technique; many security-conscious organizations require that their employees use AES-256 (256-bit AES) for all communications.

AES is based on a design principle known as a substitution-permutation network, and is considered one of the faster encryption methods. AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits. AES was first available in OpenSSL starting in 2002, and was the basis of most SSL services in UNIX and Linux environments. AES is FIPS (Federal Information Processing Standard) certified.

At NitroDesk we recommend ensuring that your server is SSL-enabled, and never accessible through non-SSL connections. TouchDown utilizes HTTPS/SSL for communications with the server when the server is configured for SSL encryption, and utilizes AES-256. This ensures that your information cannot be compromised in transit between your device and the server.  Is your information secure on your device?

Remotely wiping your data through TouchDown

Did you know that TouchDown supports the remote wipe command, which may be issued by an administrator or a user in the event that the device has been lost or stolen? This remote wipe process deletes all the corporate data held inside TouchDown as well as any attachments under its control.
