This feature is enabled by request only
Please contact your Customer Success Manager or Virtru Support to enable this feature for your team.
About
In addition to encrypting messages and attachments, Virtru gives users the ability to apply and manage additional security settings. Among these settings is the option to choose whether their recipients will be required to authenticate before accessing the secure message and files. This feature is called "Require Authentication," (formerly called "One-Click").
When an organization has this feature, users have the option to toggle authentication on or off for every secure email they send. If Require Authentication is off, the recipient will not be required to verify their identity to access a secure message. The message will still be encrypted, but once a user clicks the Unlock Message link, they will be routed directly to the content in the Secure Reader. This saves non-Virtru users time and makes it easier for them to access secure content. However, it is not as secure as requiring users to authenticate prior to accessing a message (which is Virtru's default for all secure messages).
This feature can be applied using our Gmail plugin, the Outlook Desktop Extension (Desktop only), the Outlook 365 Add-in (for Web, Desktop, Mobile), or the Control Center.
Note
Require Authentication is not available for Virtru mobile apps (iOS or Android), organizations with a Customer Key Server (CKS), and cannot be enabled in conjunction with Disable Forwarding, Watermarking, or PFP.
Jump to:
Manage Require Authentication in Virtru Email Clients
Manage Require Authentication Access in the Control Center
Recipient Experience
Security and Compliance Considerations
Manage Require Authentication in Virtru Email Clients
Require Authentication can be turned off prior to an email being sent
1. Open a new draft and toggle Virtru ON.
2. If you are using Virtru for Gmail, open the Security Options menu. Security options for the Outlook Desktop Extension are visible in the Message tab while composing a message. Security options for the Outlook 365 Add-in are visible once the Virtru add-in is opened and toggled ON.
3. Toggle Require Authentication OFF (For Gmail and Outlook 365 users, this will automatically enable a 30 day expiration, but this can be changed). If you are using the Outlook Desktop Extension, toggle "One-Click" on.
4. Compose the rest of your message and Send.
Default State
If you want require authentication to default to OFF for all new secure messages, please contact Virtru Support.
Require Authentication can also be managed after an email is sent
1. With Virtru enabled, open the sent secure message. In Gmail and Outlook 365, expand the Security Options menu. In the Outlook Desktop Extension, these settings are visible in the Home tab of the Inbox view or the Message tab of the popped-out message view.
2. You can then turn Require Authentication (or One-Click) on or off
Manage Require Authentication Access in the Control Center
1. Log into the Virtru Control Center and head to the Email section.
2. Click on the email in question.
3. In the metadata menu that appears on the right, expand the Security Settings section.
Please Note
In the Control Center "Require Authentication" is still called "Enable One-Click." This will be updated in the near future. For now, if One-click is ENABLED, authentication will NOT be required. If One-click is DISABLED, users will be required to authenticate.
4. You can then adjust the security setting as desired.
Recipient Experience
When recipients receive an email with Require Authentication turned OFF, the content will still be encrypted and non-Virtru users will still see the Unlock Message template.
When the recipient (or any user with the link) opens the Unlock Message link, they will be routed directly to the decrypted message in the Secure Reader. They will not follow the typical verification process.
In the top right corner (if they have not previously logged into the Secure Reader), they will notice that they are logged in with their IP address.
Users will only be prompted to verify their identity if they want to reply to the secure message. This is required to ensure the authenticity of the source of any content that’s in that Secure Reply and so that the user can receive a copy of their reply.
Clicking Verify will route a user to the verification screen to begin that process.
Security and Compliance Considerations:
Virtru's Require Authentication feature is designed to be leveraged as one part of your Security compliance strategy. When Require Authentication is toggled OFF, recipients of Virtru-encrypted messages will be able to access secure email and attachments in a single click. In addition, unlike traditional encryption approaches (eg, TLS, Portal Based solutions), senders and organizations maintain control of email and attachments through on-demand revocation, setting content expiry rules, and fine-grained audit.
When Require Authentication is toggled OFF, it will remove Virtru's identity verification and automatically add a 30-day expiry by default (you can manually change or remove the expiration date if desired). Removing Virtru identity verification increases the risk that unintended recipients may be able to access Virtru-protected content before the automatic expiry. Any customer considering toggling Require Authentication OFF should consider this risk in the context of their specific use cases for this feature.