Confidential e-mail

Securemail service continued until November 2020
The discontinuation of the Securemail service aroused a lot of discussion among university staff. In order to provide the best possible service to university staff and students, we will continue the Securemail service beyond the previous discontinuation date of 31 August 2020 until November 2020. The precise discontinuation date will be specified later. We will inform university staff and students about the discontinuation well in advance.

You can start using Office 365 Secure Message Encryption with these Helpdesk instructions

For service addresses, we recommend still using the Securemail service

Secure mail allows the sending messages safely and receiving the response confidentially to any e-mail address. The University of Helsinki utilises Microsoft Office Encryption software to protect the confidentiality of e-mails. Using the software does not require any software to be installed on the sender’s or the recipient’s workstation. All employees and students of the University of Helsinki who have an Office 365 username have the opportunity to send encrypted messages.

All communications need not be encrypted.
Implement encryption individually when handling encrypted materials. More detailed classifications in Flamma.

Tabs

Detailed help

Sending a message

Instructions for Office 365 users can be found in the separate Microsoft Office Encryption instructions.

Confidential communications initiated by an outside party

Follow this procedure if an outside party needs to send confidential information:

  1. Send an encrypted message to the outside party and ask them to reply to the message.
  2. The response is protected. You can use the same thread for encrypted discussions. If necessary, you may move information into a different system (such as a ticket system) for improved communications. 

Both the sender and the recipient can reply to the message so that their message is encrypted. 

You can still use Deltagon Securemail service until November 2020. Read instructions here

Sending an attachment in an encrypted format

Several methods are available for sending files in an encrypted format:

  • Send the attachment using the secure e-mail service of your own organisation (e.g. Microsoft Office 365 Message Encryption at the University of Helsinki)
  • If the outside sender does not use encryption software (e.g. they don’t have an Office 365 username), a University of Helsinki user can send a protected message through Office 365 Message Encryption, and the recipient can attach the file to their reply message. 
  • You can send the attachment using Funet Filesender and password protection. This method is used by the members of the HAKA federation. 
  • Encrypt the file to protect it (e.g. 7zip) and use a suitable method, such as Funet Filesender, e-mail attachment or the sender’s own file sharing service in the transmission. 
  • You can also use separate encryption software, such as GnuPG (More detailed instructions are available here).

Message storage time

There is no limit on how many times messages can be read, and they do not expire. A message can be deleted just like a normal message.

This is how secure e-mail works

  • The sender selects ENCRYPT in the message settings and sends the e-mail using an e-mail application as usual. 
  • It is now easier to read encrypted messages on mobile devices. With Outlook for Android/iOS, reading an encrypted message is as simple as opening a regular message (Outlook will still inform you when opening a message that is encrypted).
  • In other e-mail applications, messages can be read by opening the attached HTML file and by logging in with your [O365 account] (e.g. rekeskiva@ad.helsinki.fi), or by requesting a temporary security code to be sent via e-mail.
  • There is no limit on how many times messages can be read, and they do not expire (anymore).
  • The recipient can still send a secure reply. 
  • On university computers, this is available, for the time being, in OWA and Mac’s Outlook, and it will become available in Windows Outlook as soon as the software is updated. This is available on your home computer since it has Outlook Office 365.

Old Securemail instructions (will be discontinued on November)

These are the old instructions that will be removed when the service is discontinued.

Sending a message

Secure mail allows a safe sending of messages and confidential receipt of the response to any e-mail address.

You can specify the security level used for sending the message:

  • At the Kirje ("Letter") level, communications are automatically secured using SSL encryption, and the message is locked with Deltagon MessageLock™ technology.
  • At the Kirjattu kirje ("Registered letter") level, the recipient is additionally verified by means of SMS authentication. In practice, when the recipient opens the message, the system asks for the PIN code which is sent to the recipient's mobile phone as a text message at the same time.
    Use this option if the message contents are particularly sensitive.
    NOTE: You can send the code ONLY TO A FINNISH MOBILE NUMBER!

Only send e-mail with this method to personal addresses. Do not send encrypted mail to service addresses. They have several readers, and only one (the first) of them can open the message!

Letter level

  • At the Kirje ("Letter") level, you can send an encrypted message just like a normal one. The only difference is in the recipient's address: add .s at the end of the recipient's address.

Registered letter level

  • At the Kirjattu kirje ("Registered letter") level, you can send an encrypted message just like a normal one. The only difference is in the recipient's address: add .phonenumber.s at the end of the recipient's address.
  • NOTE: You can send the code ONLY TO A FINNISH MOBILE NUMBER!

 

Check the address line and verify that the address and phone number are correct before sending the message!

 

Reading a message

  • Click the link in the message. The message opens in a new browser window.

Replying to a message

  • Open the message using the link in the receipt notification.
  • Click REPLY.
  • Type the message and click SEND.
  • You will get a confirmation that the message was sent successfully.

Adding an attachment to the message

  • Click Browse.
  • Choose an attachment (1) and click Open (2).
  • Click ATTACH.
  • The selected attachment is shown under Attachment. When you have added all the attachments, click SEND.

Confidential communications initiated by an outside party

Deltagon's secure mail can be used by parties other than University of Helsinki people as well. Outside parties can send e-mail from any address, but only to university addresses in the format firstname.lastname@helsinki.fi! This means that you can ask your cooperation partners outside the university to send secure mail to you according to these instructions.

Please note that the address is not verified by any means. If you receive secure mail from external sources, verify the identity of the sender by some other means.

  • Log in at https://securemail.helsinki.fi.
  • Type your own address to the From field. Helsinki.fi addresses cannot be used for this method of sending.
  • Click CONTINUE.
  • Type the recipient's name at the University of Helsinki in the To field (1).
  • To add several recipients, use the plus button, or remove recipients using the minus button (2).
  • When you have added all the recipients, click DONE (3).
  • Fill in the Subject and Message fields and send the message as usual.

Storage of messages on the server

Unopened messages are stored on the server for a period of maximum 60 days. The message is stored for 30 days after it has been read for the first time.

You can only open the message once using the e-mail link. If you want to reopen the message, do not use the cross button (top corner) to close the message. Instead, click LOGOUT. The message cannot be opened again if you close it incorrectly!

  • Click LOGOUT to close the message.
  • Select either Cookies or Password as the authentication method (1).
    • If you use cookies, the message can be opened using the same browser on the same workstation.
    • If you use password, the message can be opened in other browsers and workstations as well.
  • The message is closed. The software reminds you of the last storage date of the message.
  • Remember to clear the browser's cache. If you are using cookie authentication, do not remove the cookies, however; just clear the cache.

Saving messages

You can save messages on your own computer, for example. If you save messages, remember information security (more information in Flamma).

  • Select the save format in the drop-down menu and click SAVE. Jos käytät eväste-tunnistusta, älä poista kuitenkaan evästeitä (cookies) vaan pelkästään välimuisti (cache).

This is how secure e-mail works

  • The sender sends their e-mail as usual using a mail application, adding the ".s" identifier after the recipient's address (such as reci.pient@helsinki.fi.s).
  • The ".s" identifier indicates that the message should be encrypted, and it is sent to the Sec@GW server.
  • The encrypted message is saved and a notification e-mail is generated and sent to the recipient.
  • The recipient opens a secure connection (SSL) to the server using the link in the notification message. At the "registered letter" level, a PIN code for opening the message is sent to the recipient's mobile phone when the link is opened.
  • The recipient can send a secure reply, allowing the message to be read as normal e-mail.