secure

Secure & Automated Email Communication

Challenge-Digital Communication between Compliance and Customer Value

Business Challenges

Regardless of industry or company size: As soon as personal data is transmitted by email – such as customer data, health data, personnel files or supplier data – encrypted transmission according to GDPR is mandatory.

In addition to GDPR, many companies in research and development want to protect their know-how from access by third parties.

Furthermore, KRITIS requirements, the NIS2 directive and industry-specific compliance requirements (e.g., in insurance, healthcare or automotive) place additional demands on confidentiality, traceability and IT security.

Encryption is essential for both B2B and B2C communication. However, many mail servers or M365 environments do not offer end-to-end encryption or intelligent automation. This is exactly where mail:u Secure comes in.

Many conventional mail servers or standard mail solutions do not offer comprehensive control over email communication security.

Whether a message is actually transmitted encrypted depends in normal cases on the recipient server and the configuration in between – the sender usually has no influence on this.

With the widely used transport encryption (e.g., via TLS), the email is only protected until the next node in the transmission path. What happens after that is beyond the control and influence of the sender.

End-to-end encryption – i.e., one where the content cannot be viewed by anyone on the transmission path – requires additional measures. mail:u Secure provides this security: automated, rule-based and traceable.

mail:u Secure - The Solution

mail:u Secure acts as an upstream crypto gateway and takes over the protection of your email communication – via SMTP or Microsoft Graph API:

• S/MIME or PGP encryption as soon as a valid key is available
• Portal-based storage or sending as PDF container when recipients have no keys
• FileLink for large or sensitive attachments
• SECFLOW preview directly in Outlook – prevent misdelivery
• Audit log and archive export for GDPR, IDW PS 330, ISO 27001 and NIS2

Provision as SaaS in ISO-27001 data center or containerized in your private cloud or on-premises.

Modules Overview

Workflow Engine

Automated workflows for email processes with intelligent rule processing.

Learn More →

Portal

User-friendly web portal for secure access to sent information.

Learn More →

FileLink

Secure transfer and management of large files.

Learn More →

SECFLOW

Users in your company get the opportunity to intervene and receive information about the secure transmission of email and attachments.

Learn More →

PDF Encryption

As an alternative to the portal application, emails and any attachments can also be transmitted in a PDF container.

Learn More →

PKI Automation

Automated Public Key Infrastructure for managing your S/MIME and PGP keys.

Learn More →

Operations & Integration

Flexible operating models and seamless integration into existing IT infrastructures.

Learn More →

Compliance & Audit

Comprehensive compliance solutions and audit tools for regulatory requirements.

Learn More →

Intelligent Email Processing

Workflow Engine – Heart of the Gateway

The rule-based email workflow engine usually replaces static rule sets that are based on sender and recipient with flexible policies. Each message is automatically processed according to recipient, sender, content or attachment classification – In addition to sender, recipient, content and attachments, the individual control commands of the user are also evaluated and integrated into the processing. (Outlook Add-in and Client Control). In addition to direct encryption and processing of emails, the Workflow Engine can become the central hub around email. Any third-party systems can be integrated into the routing. For example spam protection, archiving, sandbox, file processing, ERP processes etc.

Example rule (simplified):

IF Recipient-Domain = [AT]insurancepartner.de AND Attachment.Size > 25 MB THEN Attachment → FileLink (Expiry: 14 days) AND Mail → S/MIME encrypted & signed ELSE IF Key missing → Mail → PDF container with portal return channel

Workflow Engine - Heart of the Gateway - Intelligente E-Mail-Verarbeitung

Outlook Integration

SECFLOW – Outlook Pre-Send Check

The Outlook add-in shows a summarized result of the following sending before sending. Through a simple overview, the user learns whether the email can be sent according to the specifications:

• Key found, secure encryption
• Portal or PDF container when key material is missing
• Policy violation, e.g., private address or missing classification

This allows the user to very easily evaluate before sending whether the sensitive information can/may be sent in this way. In addition to viewing the processing, the user can specifically force or adjust encryption. These functions represent an optional way to involve the user in the decision with minimal effort, even without knowledge of encryption or leaving the familiar tools.

Industry-Specific Solutions

Industry Benefits

• Digital damage file: Images & videos via FileLink, automatic deletion after retrieval
• Broker communication: Central signature verification, audit-proof archive copy
• Communication with end customers (insurance/finance): Secure simple portal-based communication
• NIS2 audit: TLS 1.3, AES-256-GCM, audit log for SIEM integration
• Supply chain: PDF container or portal access for partners without key infrastructure

Our Unique Features

Your Competitive Advantages

• Rule-based workflow engine – automated central encryption
• SECFLOW Outlook add-in – visualization before sending
• FileLink – secure, GDPR-compliant alternative to WeTransfer
• PDF encryption – possible even without key material
• Flexible operating models – SaaS, private cloud or on-premises
• Fully automated PKI – no admin effort anymore
• Made in Germany – development, hosting & support
• Portal: with two FA for sending to recipients without key material

Operating Models – Flexible and Future-Proof

SaaS

Multi-tenant operation in our ISO-27001-certified data centers from Germany

Private Cloud

Helm charts for OpenShift, AKS, Rancher

On-Prem Appliance

Air-gapped for reinsurers & authorities

Practical Use Cases

Industry Use Cases

• Digital damage file: Upload via portal → FileLink → handover to DMS
• KRITIS / NIS2: Automatic certificate renewal, log streaming via OpenTelemetry, incident hooks for SIEM

Do you have any questions?

FAQ

Does the gateway support central rules for controlling encryption?

Yes – the workflow engine evaluates each message rule-based. Different rules, conditions and actions can be chained together.

Does the recipient need their own certificate?

No – if a key is missing, portal access or PDF container automatically takes effect.

How quickly are we live?

SaaS pilot in under 2 days, on-prem cluster in under a week.

Does mail:u Secure meet NIS2 requirements?

Yes – strong cryptography, tenant isolation, audit log, incident webhook.

Do you have any further questions? Contact us

Ready for Secure Email Communication?

Our Whitepaper to mail:u secure

Our white paper offers you a comprehensive insight into the latest technologies and best practices for secure communication. Discover how our customized solution mail:u secure efficiently secures your business processes.

By downloading the white paper, you agree to subscribe to our newsletter. This will be sent regularly to the e-mail address you have provided. You can revoke your consent at any time with effect for the future at UPONU GmbH or by using the unsubscribe link contained in the newsletter.

I consent to UPONU GmbH informing me by email about offers, products and news. My data will be used exclusively for this purpose. I can revoke my consent at any time by using the unsubscribe link contained in the e-mails. The privacy policy of UPONU GmbH applies.