One of the key points in protecting personal data is to safeguard confidentiality and integrity using encryption.
Encryption ensures that even if attackers can gain unauthorized access to your stored data or intercept data being transmitted, they would not be able to read it.
There are two situations where encryption should be enabled:
- Data at rest. Where data resides in storage. For further information see TDE and BitLocker.
- Data in transit. As data travels on private networks and across the Internet.
How to enforce data encryption
This article describes how to enforce encryption for data in transit.
Transport Layer Security (TLS) is a standard protocol that provides encryption for data in transit using strong authentication and protecting both the confidentiality and integrity of data as it travels across networks.
GFI Products that use a web interface can be accessed over HTTPS to warrant better security.
Please review the articles below to enable HTTPS for your GFI product:
- GFI MailEssentials
- GFI Archiver
- GFI LanGuard
- GFI OneConnect
- GFI OneGuard
- GFI FaxMaker
- Exinda Network Orchestrator
- Kerio Connect
- Kerio Operator
- Kerio Control
Configure IIS to use HTTPS to access the GFI MailEssentials configuration:
Configure IIS to use HTTPS to access the GFI MailEssentials Quarantine:
Configure IIS to use HTTPS to access the GFI Archiver configuration:
Configure IIS to use HTTPS to access the GFI Languard Central Management Server:
Access to GFI OneConnect is done over HTTPS by default:
Configure IIS to use HTTPS to access the GFI OneGuard configuration:
Configure IIS to use HTTPS to access the GFI FaxMaker web interface:
Exinda Network Orchestrator
Configure Exinda Network Orchestrator to use HTTPS to access the interface:
Configure Kerio Connect to ensure the most secure options are enabled:
Encrypting your messages to ensure only message recipients can read it:
Access to Kerio Phone enforces SSL. This setting is controlled in the security dialog Allow only secure connections for Kerio Phone for desktop and web. Access to Kerio Operator is done over HTTPS by default. No configuration is required by the user:
Access to Kerio Control is done over HTTPS by default. No configuration is required by the user:
Access to MyKerio is done over HTTPS by default. No configuration is required by the user: