Overall Satisfaction with Zix Email Encryption (ZixEncrypt)
We started off using Zix as standalone clients for certain departments like execs and HR. We moved to a Zix Gateway solution so that any email that matches certain lexicons will be flagged to be encrypted as they're going out. HR still uses the client so they can encrypt internal emails if needed. The main issue we've encountered really isn't our issue, it's more out of our control. Outside users who receive Zix encrypted emails are leery to log in and create a Zix login as they may not be familiar with it. Also, encrypted emails are only kept for 30 days and are deleted afterward and if users haven't checked it by then they will not know what the email was about.
- Zix comes preset with certain conditions/lexicons that capture most "private" info like SSNs, credit card numbers, medical records, etc. They can be customized further and also use "definitions" similar to antivirus software that can be updated. It can also be set to read a certain word or phrase in the subject or body that will automatically encrypt an outgoing email. Once set up, it is transparent.
- Outside users who send Zix encrypted emails to us automatically will get unencrypted at our gateway so there's nothing our internal end users need to do. It is transparent bi-directionally.
- Without the need for a Zix client to be installed, there's less "PC touching" and the benefits of encrypting email are corporate-wide. Licensing becomes easier as there's no need to re-license hundreds of individual clients, just the gateway.
- The initial setup may be a bit tricky for companies that are not well-versed in the way internet-routed email works.
- A way to automatically, NOT automatically encrypt an email if you didn't want to. The way to do this is a bit cumbersome at the moment.
- Reporting is a bit kludgy. If there was a dashboard to be able to easily pluck out individual emails that would be a nice feature. Of course, Zix may have this already but I'm not aware if it was installed or if it's an add-on.
- The most positive impact is that now emails can be encrypted and we are in compliance. Being compliant in itself is enough ROI as fines may be extremely hefty if sensitive data was being emailed but not encrypted in transit.
ZIx is especially useful in commerce and healthcare where a lot of sensitive information, like credit cards, social security numbers, and medical records, are sent via email. It wouldn't be suitable for small business as the complexity and the cost would outweigh the benefits...in which case the client install is more appropriate if email encryption is desired.