Pros / HP SecureMail provides compliant email communications, a wide range of hardware compatibility and integration with most business applications. It supports one-click and policy-based email encryption and includes numerous reporting options.

Cons / If you use Lotus Notes, you have to send inter-office emails using the Lotus security option. HP SecureMail is not compatible with Android Honeycomb.

 Verdict / HP Security provides compliant email options suitable for all businesses, whether for an accountant working alone or a large multinational financial organization. It integrates easily with existing infrastructure and provides a comfortable recipient experience. HP SecureMail requires few resources to deploy and maintain and satisfies eDiscovery needs. It has every angle covered.

Manage risk by protecting communications, proprietary data and personally identifying information (PII) with HP Security. This email security service provides end-to-end protection that is compatible with all data loss prevention (DLP), security and business applications. HP does not require cumbersome key management, yet it provides security that is stringent enough to meet financial and health regulations. HP is trusted by large financial organizations, but it also offers affordable email encryption subscriptions to individuals. HP has anticipated every need and has created direct integrations and APIs for most popular business applications, making it a valuable companion to existing solutions and our Top Ten Reviews Gold Award winner for email encryption software.

Upon investigating HP SecureMail, you will notice strings of acronyms – MA, PCI, HITECH, UK FSA, EU, ERP, CRM, DLP, HIPPA, PCI DSS and ARRA, to name a few. This is because HP Security provides technologies to satisfy most compliance and regulatory requirements in addition to working alongside business applications. In fact, it functions as a direct companion with DLP solutions to help make policy enforcement consistent. For added integration, it also offers RESTful APIs as a plugin for numerous business applications. This email security is natively compatible with mobile phones, including Android phones. Administrators can easily manage all functions, including policies, deployment and reporting, using the management console.

HP SecureMail is available in cloud, on premise or in hybrid models. The cloud version is hosted by HP and is a fully functional SaaS service with the option to use its Connected Gateway tool to integrate with onsite DLP, security, archive and eDiscovery solutions. The on-premise solution is provided via an integrated ISO image that includes CentOS (a hardened version of Red Hat Linux). The ISO image can be installed by administrators on their choice of hardware. HP also offers a partner edition, which is OEM'd by a few well-known partners, including Microsoft and Websense.


HP SecureMail uses Identity-Based Encryption (IBE), which is a type of public-key cryptography, to generate end user keys using identities. Since the security policies are encoded directly in the encryption and authentication methods, there is no need to manage traditional certificates or certification authorities. This greatly decreases the resources your company needs to manage keys. The HP SecureMail Gateway also supports the common protocols TLS, S/MIME and PGP. To keep processes running smoothly without human intervention, the use of OpenPGP or S/MIME is sparked by whether the recipient's public key is OpenPGP or S/MIME.

This email security company provides a wide range of security products, including those to satisfy health and financial communications. HP specializes in financial communications and provides services such as HP SecureData Payments for end-to-end protection of payment transactions, and payment browser protection via HP SecureData Web. Another offering is SecureData Tokenization, which is a simplified, yet secure service that does not require tedious token management. All solutions are scalable and include no limitations.

HP supports policy-based encryption by utilizing DLP solutions already in place. So rather than having to configure HP to filter email content, it works alongside your DLP protocols. If the data-loss-prevention filter recognizes sensitive content, it is routed to HP, which encrypts it. The admin does not have to configure HP separately to enforce policy. HP is compatible with all major DLP protocols. However, HP can also manage policies and groups and assign unique permissions to different users and groups.

This email encryption company provides an exclusive way to handle disaster recovery. In many cases, if some major failure happens that compromises the keys or stored information, the recipients can no longer access their encrypted emails. Alternatively, if you're fortunate, they may be restorable, but that is time consuming and frustrating. With HP, SecureMail customers create a Master Key (managed under dual controls) that is stored on a removable storage device and redundantly backed up securely (off-premise, most often). If disaster occurs, the Master Key can be restored to a new SecureMail appliance and it will automatically restore all recipient keys without system interruption.

Recipient Experience

For successful and cooperative secure communications, a straightforward recipient experience is vital. Your recipients are your clients, business associates and potential customers, so the last thing you want them to have to do is to jump through hoops to receive your secure email. SecureMail-received mail can be opened using the Outlook plugin or by using the Zero Download Messenger (ZDM). The ZDN is a web-based message application that is compatible regardless of email platform or browser. Messages can also be accessed using any device running a standard browser. Recipients can send secure email messages back to your company free of charge as well.

HP also provides a brand manager. The brand manager can add your logo overlays, email templates and customized web portals for a consistent user experience. HP also offers partner agreements if you want to fully brand its product. In fact, each division or department can have its own branding. HP supports what it calls "tenants," which are groups or departments. For example, you could create a tenant group for the sales department and another one for HR and create unique branding portfolios for each of them.

Administration Tools

IT administrators in most large organization are taxed before adding yet another solution to their system. Good news, many large organizations report the resource usage of deploying SecureMail as low as 10 percent full-time equivalent (FTE). Once deployed, the admin only has to manage policies and groups, monitor events, manage archiving and facilitate legal inquiries. For the most part, deployment is hands off and can be done through the network without individual installations. SecureMail is directly compatible with the Windows Active Directory and Exchange. Users can log in to Windows and be automatically logged in to SecureMail. There is little or no need for admins to have to train new users on how to use the encryption software. In addition, users can request new passwords if they have forgotten them, and the system will handle the creation of new passwords without the admin having to manage it.

There is a wide range of reporting options, including preconfigured reports as well as sort and search options. Preconfigured reports include reports by date, domain, user, sender, reader, user per HP product and deployment reports. From the administration console, admins can easily create new policies such as encryption policies for new clients and mobile policies, as well as authentication and password requirements. Admins can schedule backups and archiving from the console too. Message files are compatible with eDiscovery processes.

Integrations & Compatibility

HP Security anticipates real-world usage scenarios, and based on solid research, it has rolled out numerous direct integrations, helpful APIs and compatibility with most platforms, just as the market demands. HP works with all DLPs, mail servers, enterprise resource planning (ERP), customer relationship management (CRM), Outlook, Lotus, security software, Office 365 and much more. Secure messages are compatible with all email clients, including Outlook, Lotus Notes, Gmail and Yahoo Mail.

HP offers email security for all of your company's endpoints, including mobile phones, tablets and laptops. Unlike some services, HP provides native support for mobile devices rather than relying on mobile devices navigating the web portal, which may or may not be 100- percent compatible. Mobile support is available for Apple iOS 5.0+, Android 2.2, 2.3 and 4.0, and Blackberry 5.0+. This email encryption service is also compatible with identity and access management systems, Blackberry Enterprise Server, mobile device management (MDM), Microsoft Exchange, the Symantec Enterprise Vault, Thales nShield Connect Hardware Security Modules (HSMs) and Operator Card Set (OCS). HP provides APIs for integrating with nearly any businesses solution, making it one of the most compatible email encryption solutions available.

Extra features HP Security provides include secure transmission of large files, digital signatures, file encryption, eDiscovery and archive tools, and secure forms. Using the large-file service, your company can send large files to recipients, who simply click the attachment link to download the large file. The file-encryption service encrypts any kind of file, and it remains secure regardless of where it is stored. The eDiscovery Accelerator allows rapid decryption and indexing to facilitate forensic audits.


HP email encryption is a secure, simple-to-roll-out option for all businesses, from small medical offices to large financial organizations. The company also offers affordable yearly online plans for individuals. If you are looking for a solution that will merge easily into your current network, HP is worth investigating. It offers more direct integrations than most solutions and numerous APIs for working with most business applications. Email communications are compliant, secure and compatible with eDiscovery. HP Security is a complete solution that is proven and flexible. It is well worth looking into.