Skip to main content

Secure Messaging FAQ

Questions

1.What is Secure Messaging - CRES?

Secure message delivery is a service that guarantees secure delivery of email by either delivering Transport Layer Security (TLS) or by storing the email within the Cisco Registered Envelope Services (CRES) and providing a secure link to the recipient to retrieve the email.

2.How does the process work for the State Employee sending a secure email?

  • The sending email address must be an email account from one of the DoIT email perimeter/protected agencies.
  • The sender will need to input #secure# in the subject line of the email.
  • Also, if the sender includes Social Security Numbers in the content or attachments this will automatically trigger the message to be sent using the secure web mail delivery process.
  •  The SSN patterns to be searched are: ###-##-####, ###.##.####, ###,##,#### and ### ## ####.
  • When the email is sent, email gateways will detect the trigger word #secure# or Social Security Number(s) and complete the process via secure delivery.
  • Secure delivery will verify the recipients email system is TLS enabled.
  • If it is TLS enabled, secure delivery will simply send the message via TLS and the recipient receives the email directly in their inbox as normal.
  • A new email feature we are introducing is using a subject line containing #ILEncrypt#. Placing this in the Subject line will force email messages traveling externally to be stored securely within the Cisco (CRES) and a link provided to the recipient(s) for easy access. The recipient will then receive a message to set up an account, log into our system with these secure credentials and then review their secure message. These messages will be available for two years. The difference between #ILEncrypt# and #Secure# is that #ILEncrypt# will always utilize CRES.

3.If TLS is not enabled on the recipient domain?

  1. Secure delivery will utilize the "Pull" method to keep the email on the CRES server and an email notification will be sent to the recipient indicating that a secure email message is waiting.
  2.  The first time they receive a secure message they will need to create an account on the CRES server to access the secure message. 
  3. Once they have successfully signed up for CRES they will be able to review their message.
  4. After viewing the message, the user has the ability to reply or print.
  5. If the user deletes the secure message from their mailbox, they will no longer have access to the secure message.

4.What is TLS?

TLS stands for Transport Layer Security and is a protocol designed to provide communications security over the internet. 

5.How can I determine if a recipient email system is TLS enabled?

The best way to know if another external entity is TLS enabled is to send a test message using the trigger #secure# to a known user on the external email system and communicate with them to see how they received the message. If they received the email directly into their email account, they have TLS enabled. Otherwise they do not receive the secure message.

6.How long does a secure email reside on CRES?

CRES will expire the message in two years from the date it was received. If the user deletes the original email notifying of the secure message, they will no longer have access to it.

7.How do I access a secure message for the first time?

The first time the recipient receives a secure message, they will need to create an account. From this email, they will activate their account using the attachment contained in this message.

Secure Email

Users will need to click the "securedoc_xxxxxx" attachment at the bottom of the message.

Downloaded Attachment

Users will need to select their email address and select "Open" to start the account creation/activation process.

Cisco Open Account

Click the "Register" link

Register Link

Fill in the appropriate information on the registration page and set your security options.

New User Registration Form

New User Registration Form with Security Questions

Final Step Account Activation

You will then receive a new email which you can activate your account.

Activation Email

Email Address Confirmation

Account Login Form

Once activated, you can go back to the original secure message and log in to read your message.

Secured Message

8.How do I reset my CRES password?

Illinois.gov administrators do not have the ability to reset CRES passwords. Users will need to use the link in the secure email to access the CRES portal to reset their password. After trying to log in you may receive the error below.

Invalid Password

Clicking on the "Forgot Password" link will take you to the following page where you can reset your password by entering your email address and selecting continue.

Forgot Password page

After entering your email address, a reset password email will be sent to it which you can click on the link to reset.

Reset Password Email

After clicking on the link provided, you will be prompted to answer the security questions you set up on your initial registration. If you do not remember the answers to security questions, you will be prompted to contact Cisco support on the link provided.

Security Questions

When creating a new password, you can't use a previous password. A new unique password will be required.

Create New Password form

You can then go to the secure message and use your new password.

Password Success Message

9.How do I view and edit my account settings?

To edit your user profile, you can click on the "Cisco" icon in the upper left corner. From here you will need to enter your email address and password and then select "Edit Profile" in the list shown.

Edit Profile form

If you are having issues, please contact the DoIT Help Desk at 217-524-3648 (Springfield) or 312-814-3648 (Chicago).

Footer