Scalable Enterprise Email & Document Security Solutions

Easily protect high volumes of users, emails and documents

Considering 112.5 billion business emails are sent each day, it's clear that email is a mission-critical application. Unfortunately, it's your weakest link and the most common way hackers get their foot in your door. Not a good combination. What would happen if even a small percentage of your communications landed in the wrong hands? With so much at stake, email and document security aren't nice to haves, they're strategic business requirements.

Access Enterprise Grade Solutions

Sign Up

Email & Document Threats are Hitting Enterprises Hard

  • 71%

    Cyberattacks begin with
    spear-phishing emails Source: Symantec

  • 88%

    Malicious emails use
    malware-laden attachments Source: Symantec 2018 ISTR

  • 92%

    Malware is delivered
    via email Source: Verizon 2018 DBIR

  • On average, employees receive 16 malicious emails per month Source: Symantec 2018 ISTR
  • Business email compromise scams cost organizations $676M in 2017 Source: Symantec
  • Fake invoices are the #1 disguise for distributing malware Source: Symantec 2018 ISTR

Email Security Threats

  • Spear Phishing Spear Phishing
  • Main-in-the-Middle Attacks Man-in-the-Middle Attacks
  • Social Engineering Social Engineering
  • Data Loss Data Loss
  • Email Spoofing Email Spoofing
  • Ransomware Ransomware

53% of employees have received unencrypted, risky corporate data via email or email attachments

Source: SilverSky

Secure Email Certificates (S/MIME) Solutions Brief


Security Layers That Provide Essential Protection

You can never have too much security and, when it comes to protecting email communications and sensitive documents, standard protection leaves you with vulnerabilities.

Secure Email (S/MIME) Certificates Defined

Easily deploy, digitally sign and encrypt Email across your enterprise

  • S/MIME
  • Why
  • How
  • Platforms
  • Zero-Touch

What is S/MIME?

  • Employ the industry-standard Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol
  • Use encryption to ensure confidentiality, so only the sender and recipient can read the message
  • Minimize risk by helping you avoid accidental data exposure, privacy breaches and other security missteps that could lead to serious implications
  • Use digital signatures to authenticate that the sender and recipient are who they say they are and ensure non-repudiation
  • Can be purchased individually, in bulk or as part of an MPKI solution
  • Maintain integrity by verifying the content wasn't altered during transit


  • Core email protocols don't authenticate email origin or sender identity, so it's tough to differentiate a spoof email from a legitimate one
  • Email is one of your weakest security points
  • Encrypting your email servers with digital certificates ensures users connect to the right mail server, but doesn't protect the emails themselves, leaving them vulnerable to hackers
  • Email use creates legal and financial responsibilities that require protection

How S/MIME Works

Digital Signature:

  • The signature is generated with a private key and authenticated using the public key
  • The public key/certificate is transmitted with the S/MIME protected email
  • When the recipient opens the email, the public key verifies the signature
  • Every time you create and sign an email, your private key applies your unique Digital signature into your message


  • The sender must have access to the recipients S/MIME certificate
  • Content is encrypted using a public key and can only be decrypted with the private key
  • SSL/TLS provides an encrypted tunnel through which the email is sent
  • S/MIME encrypts the email message

Three Levels of Validation:

  • Individual—requires phone call, government issued ID and a valid email address, the certificate identifies an individual's name
  • Role within an organization—requires a phone call, valid legal existence of the organization and verified employment, these certificates identify the individual and organization name
  • Organization—requires a phone call to the Organization representative and Key Custodian, a valid legal existence of the organization and email domain, this certificate identities the organization name

Server and Client OS Compatibility

Trusted by all major mail clients, browsers and mobile devices, such as:

  • Client OS: Mac OS X, Snow Leopard, Windows 7, Vista, Xp, 2000, Linux Client OS.
  • Server OS: Windows Server 2008, 2003, 2000, Linux, UNIX, Solaris, Novell, etc.
  • Web Server: Microsoft IIS 7, IIS6, Apache, Tomcat, IBM HTTP, Weblogic, Cobalt.
  • E-Mail Servers: Netscape Communicator 4.51+, Microsoft Outlook 99+, Microsoft Entourage (OS/X), Mozilla Thunderbird 1.0+, Qualcomm Eudora 6.2+,
    Lotus Notes (6+)

S/MIME Deployment Reinvented

Sectigo's Zero-Touch S/MIME is the first and only solution that integrates directly with Microsoft Active Directory to automate issuance and deployment of S/MIME certificates across an entire organization.

  • Deploys thousands of S/MIME certificates instantly
  • Installation is automated, no going device by device
  • Easily enroll new employees and revoke departing ones
  • Automate renewals and key rotations

Historically, the only barrier to adoption with S/MIME certificates was the tedium involved in deploying them all and managing them across large networks. Not anymore. Sectigo's Zero-Touch S/MIME reduces thousands of installations down to just a few clicks.

Contact us for a demo and see how simple implementing S/MIME can be!

22% of organizations experience data lost through email each year

Source: Osterman Research, Inc.

How Document Signing Works

Protecting documents is easy and cost-effective

  • Document Signing
  • Why
  • How
  • Platforms

What is Document Signing?

Document Signing Certificates are used to digitally sign important sensitive and confidential documents. They:

  • Facilitate document sharing by allowing individuals, teams and organizations to add a digital signature to a document to prove ownership and integrity
  • Authenticate the document owner/sender and ensure the document hasn't been tampered with or changed by an unauthorized third party
  • Verify document authenticity throughout its lifetime—the digital signature never expires, so if the document is change, the recipient is notified
  • Increase security with digital signature timestamps
  • Can be purchased individually, in bulk or as part of an MPKI solution
  • Prove Ownership
  • Confirm Document Integrity
  • Facilitate Document Sharing
What is Document Signing

Why Document Signing?

  • Think of the damage it'd cause if a malicious third party intercepted your sensitive information—personal identifying info (PII), company financials, sales data, contracts
  • Industry compliance requirements and corporate policies dictate that documents have digital signatures
  • E-signatures aren't enough, they can be forged and don't require two-factor authentication
Why is Document Signing

How Document Signing Works

  • When you sign a document, a unique digital fingerprint, or hash, is created using an algorithm
  • The encrypted hash and signer's public key are combined into a digital signature, which is appended to the document
  • The program also validates that the public key used in the signature belongs to the signer and displays the signer's name
  • When the document is opened, a trust dialog is immediately visible at the top
  • The hash is encrypted using the signer's private key
  • Microsoft Office, or whatever digital signature-capable program the document is opened in, automatically uses the public key to decrypt the document hash
  • The program calculates a new hash and if it matches the decrypted hash, it confirms the document hasn't been altered and displays a confirmation message
How Document Signing Works

Server and Client OS Compatibility

Trusted by all major mail clients, browsers and mobile devices, such as:

  • Client OS: Mac OS X, Snow Leopard, Windows 7, Vista, Xp, 2000, Linux Client OS.
  • Server OS: Windows Server 2008, 2003, 2000, Linux, UNIX, Solaris, Novell, etc.
  • Web Server: Microsoft IIS 7, IIS6, Apache, Tomcat, IBM HTTP, Weblogic, Cobalt.
  • E-Mail Servers: Netscape Communicator 4.51+, Microsoft Outlook 99+, Microsoft Entourage (OS/X), Mozilla Thunderbird 1.0+, Qualcomm Eudora 6.2+, Lotus Notes (6+)

Industry-leading blog series on email-security

Read Now

Our solutions

Through our executive-level partnerships with the world's globally trusted Certificate Authorities (CAs),
we'll enable you with both S/MIME and Document Signing Certificates in one convenient solution.

  • Comodo/Sectigo Personal Authentication
  • Comodo/Sectigo Certificate Manager
  • DigiCert

Personal Authentication Certificates (PAC's)

Add trust and security to all your key business communications

Personal Authentication Certificates (PAC's) give you a 3-in-1 solution that's ideal for large-volume enterprises:

Learn More

  • Authenticate & Encrypt Email

    Authenticate & Encrypt Email Communications Encrypt and digitally sign email communications to confirm the signer's identity and maintain the confidentiality of the message. PAC's are fully compatible with enterprise-level encryption gateway appliances.

  • Manage with Ease

    Manage with Ease Automate the entire lifecycle of your PAC's along with all your digital certificates and do it all through one easy-to-use control panel.

  • Get Flexible Options

    Get Flexible Options Choose from Basic (Domain), Pro (Domain & Identity) and Enterprise (Domain, Identity, Organization). It's easy and affordable to buy individually or in bulk.

  • Digital Signatures

    Facilitate Safe Document Sharing with Digital Signatures Prove the authenticity and integrity of important documents plus save time and money by migrating to digital workflows for everything from contract exchange and request forms to archiving and document sign-offs.

  • Ensure Authorized Access Only

    Ensure Authorized Access Only You need something stronger than passwords to authenticate users trying to access online accounts and network resources. Get bank-standard validation, including two-factor authentication and use of a highly secure PKI to seamlessly authorize access without user disruption.

Sectigo (formerly Comodo CA) Certificate Manager (SCM) for S/MIME

Simplicity and efficiency for less

Learn More

  • Simplify Management

    Save Time & Simplify Management You have better things to do than run around to every machine installing SMIME certificates. Save the wear and tear on your sneakers and do it all using a robust Managed PKI (MPKI) and one centralized dashboard.

  • Efficiently Separate SMIME

    Efficiently Separate SMIME & SSL Certificates Deploying and managing SMIME certificates can be a daily task when associates or contractors are regularly joining and leaving your organization. SCM makes it easy to separate SMIME certificates from your standard publicly trusted certificates to avoid confusion and keep your projects organized.

  • Manage with Ease

    Save Money Minimize costs by just using SCM to purchase and manage SMIME certificates. But, once you see how easy and efficient it us, don't be surprised if you decide to use it for all your digital certificates.

  • EEasily Scale SMIME

    Easily Scale SMIME as Your Company Expands As your organization grows, so does the need to authenticate your employees. Use SCM's cloud-based infrastructure to ensure that no matter how many certificates you're deploying, there's always room for more.


Everything you need to protect your enterprise-wide communications

DigiCert Premium Certificates are ideal for enabling secure email services and client authentication on a large scale.

Learn More

  • Email & Document Security Get Simple Email & Document Security

    One certificate is all you need to authenticate client access, digitally sign documents, and encrypt and sign emails.

  • Increase the Speed of Business Increase the Speed of Business

    Enable whole organization verification and facilitate document sharing with a single click.

  • Access Award-winning Support Access Award-winning Support

    Get answers when you need them via live chat, email and phone—whatever works for you.

  • Increase Protection with Multiple Layers

    Increase Protection with Multiple Layers All certificates include an encrypted digital signature and two-factor authentication.

  • Manage Volumes with Ease

    Manage Volumes with Ease Secure communications as a team, department or company with up to 5,000 signatures per year.

  • Get Flexible Options

    Simplify Management Easily manage the entire lifecycle of your S/MIME and Document Signing certificates in the same centralized dashboard you use for all your SSL certificates.

Find out how to easily manage all kinds of certificates in one dashboard.

Learn More