Overall Satisfaction with Zix
We currently use Zix to ensure that sensitive data is encrypted when sent via email. Our entire organization uses it, as all e-mail gets relayed through the system to check for PII or other data. Given that we do a lot of work with financial and medical information, it is extremely important for us to have a solution that guarantees privacy protection.
- Encrypts and secures e-mail: Zix transports emails through its own secure, off-network system so attackers have little chance at getting the info to begin with, let alone decrypting it.
- Rules: Zix lets you set up rules to scan for certain topics or data, like socials or medical data, and then respond accordingly. This means not all e-mail has to go out secure, only the stuff that really needs to be.
- Accessibility: Recipients who do not have Zix get a link to log on to a portal where they can read their secure messages, but if they have Zix on their own network, the e-mails come through directly to their inbox with a small header that says it was sent securely.
- Configuration: The UI to configure Zix is rather dated and non-intuitive at times. Some of the configuration options aren't well documented.
- Updates: I have yet to be able to update Zix without calling support. It is a complicated process. Updating the rules files is easy enough, I just wish the rest of the software was as simple.
- Recipient UI: While it's nice to have a portal for recipients without Zix to log in to, it looks very dated, much like the other UIs. We've had vendors ask us if it was legitimate because of how basic it is.
- We have less concern about data leaks through e-mail with Zix, because we know it works. And it doesn't require any end user interaction with the rules (although it does also allow for manual encryption with keywords or e-mail flags).
- The system is also extremely stable, and outside of the upgrade tasks we have to do occasionally, there's not much manpower overhead once it's up and running.
- Recipients do sometimes get confused if they're expecting an e-mail from us, but get a link to log into the Zix portal instead.
From an end-user, sender perspective, there's literally nothing you have to do to use Zix. Just send your e-mail like you always would. If it has sensitive data, Zix will send it through its secure network encrypted. If you do need to send something without information that would trigger a rule, you can set up a subject keyword or flag an e-mail as "sensitive", and it'll encrypt that, too. For recipients, if they do not have Zix, it can be a little awkward, but it's still very functional. They log into a portal, read their message/documents, and can use the portal to reply as well, keeping the information secure in both directions.
ShareFile also sends e-mails outside the regular network path and has a portal that can be configured. However, it requires more setup and manual interaction, and as far as I know, does not encrypt/secure the data at rest the same way Zix does. Zix is almost invisible to end users, and with the rules, there's very high confidence that the data is secure, which I couldn't say was as certain with ShareFile.
Zix is great for anyone who has to send and receive sensitive data like financial or medical records and guarantee their security. If your organization needs to follow regulations like SOX, HIPAA, or something similar, and you have an IT team or managed service provider that can maintain it, Zix is a great solution. I also think it's best suited to an on-premises e-mail solution because of how it integrates with mail flow for scanning, although I believe they have a version for Office 365. If instead, your organization only occasionally sends things secured or does not have the IT support staff to maintain it, it might be worth looking for a different solution. For the most part, once it's installed, it doesn't require much hands-on, but there are enough occasions that without expertise it could remain daunting.
Zix is very good about response times and information. They even proactively e-mail us about known issues. I have never had an issue go unresolved, and the support team tends to answer quickly unless it's a strange, complicated request. The only time that happened was doing a search through logs, and that was entirely on me and my unfamiliarity with their flavor of Linux.
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
Yes - We use Zix as our outgoing mail gateway, and we deal with sensitive information that often needs to be encrypted. We cannot afford downtime (not that there ever is much), so we make sure to have support available at any moment. We think of it like an insurance policy, essentially.