Email Encryption

The University of Cincinnati uses hardware devices to ensure that e-mails sent outside of the UCMail system are secure during transmission.

To send an encrypted e-mail:

  • E-mails sent to the following partner sites are automatically secured: (and the legacy HealthAll.Com),, and (Cincinnati Children's Hospital Medical Center).
  • To ensure that e-mails to other sites are sent in a secure manner, type the word encrypt as the first word in the subject line. 

To receive an encrypted e-mail:

  • The recipients of encrypted e-mails (that are not destined to the above partner sites) may be required to create an account on the Cisco Registered Envelope Service (CRES) portal.  The user will receive a message requesting they register with the CRES service and will be re-directed to the Cisco User Registration page.  Users will be required to create an account on the Cisco portal which will be used when they wish to retrieve any encrypted message sent to their email account.  Read detailed instructions on the Cisco Registration Envelope Service.

Here are some points to know when sending an e-mail that needs to be encrypted:

  • UCMail Users (but not UConnect student users): If you are sending e-mail from Outlook 2007 (or newer) to another person at UC who is also using Outlook 2007 (or newer), your connection to the e-mail server is encrypted and thus your e-mail is considered encrypted. HOWEVER, this e-mail will NOT be encrypted if it is sent from/received by any e-mail client other than Outlook 2007 or 2010. ALSO, if the e-mail is sent or received using any other client—Blackberry, iPhone, online e-mail services (Yahoo, Google, others), Eudora, Mac Mail, etc.—it will not be encrypted.
  • Encrypt your attachments prior to e-mailing them, then call the person to provide them the password; do not share the password via e-mail. MS Office 2007 and 2010 use AES, the current government encryption standard.  Note that Office 2003 encryption is weak and is not recommended.  

If your business process requires you to send restricted data to external destinations and the options above will not meet your needs, please contact the IT@UC Office of Information Security at 513-558-ISEC (4732) to discuss other alternatives.

How long will my message remain on the portal? Expand

The Cisco Registered Envelope Service (CRES) will keep an encryption key for a messages for 14 days.  When a recipient receives an encrypted message, they will be redirected to the CRES service for key validation.  No message content is stored on the portal, only the encryption validation key.

How large of a message can I encrypt? Expand

The current size limit on messages to be encrypted is 25 MB.  The 25 MB also includes the message envelope, body and any attachment associated to the message.

What if I deleted the original message with the link to the encrypted message? Expand

The original message that contained the encryption link is required to open the encrypted message. Each message that has a link to an encrypted message will have its own unique secure envelope. If you delete the original message, you will need to have the sender re-send the message.

What if I forget my password? Expand

Users can connect to the following link, click on the “Forgot Password” and enter your corresponding e-mail address. The user will be sent a link to a page where they can easily create a new password. A new password will prompt the user for the Security Phrase and Security Questions for confirmation of their identity.

What if my account gets locked out? Expand

If a user accidentally locks their account, they can contact Cisco Customer Support using the Cisco CRES chat service and speak directly to a Cisco helpdesk representative between the hours of 6am and 6pm PST.  To speak to a representative, click on the enclosed link and request they send you a password reset message.

Click Here for CRES Chat Support

To view PDF files, you will need Adobe Acrobat Reader, a free download.