Supporting Student Notes:

 • Every outbound message is scanned by IronPort Compliance Filters and/or content filters. Messages matching
    defiend encryption policies are encrypted—the encrypted message is delivered to the recipient’s inbox while the
    encryption key is stored in IronPort’s Hosted Keys service.

 • The recipient opens the email message in their standard email client, whether an enteprise client e.g. Outlook or
    a webmail client.

 • Recipient is asked for a password to open the message. The password is authenticated with the Hosted Keys
    service. If successful, the decryption key is returned to the user and…

  … the message is displayed.