Configuring and Using Cisco Business Class Email for Android
Overview
The Cisco Business Class Email (BCE) mobile application provides you the ability to receive and send encrypted email messages directly from your Google Android smartphone devices. Depending on the configuration mode of the Cisco BCE mobile application, the following tasks can be performed:
Licensing Versions and Configuration Modes
The Cisco Business Class Email application is deployed in three separate licensing versions that determine the configuration mode for the application. The default configuration mode for the Cisco BCE application is Decrypt Only and can be downloaded from Google Play.
In order to enable the other versions and configuration modes, the smartphone device is configured by an updated attachment file received from the administrator.
The three licensing versions and configuration modes are:
|
|
-
|
Decrypt Only. Allows decrypting of secure email messages received. |
|
|
-
|
Decrypt and Flag. Allows decrypting and flagging of secure emails messages. The flag option allows you to flag the email for encryption, and the email is encrypted by the Cisco IronPort Encryption appliance or Email Security appliance before the email is sent out of the network. The server must be configured to detect the flagged messages and encrypt them at the server. |
Supported Operating Systems
The Cisco Encryption Compatibility Matrix lists the supported operating systems for Cisco BCE and can be accessed from the following URL:
http://www.cisco.com/en/US/docs/security/iea/Compatibility_Matrix/IEA_Compatibility_Matrix.pdf
Downloading and Installing the Cisco Business Class Email Application
To install the Cisco BCE application, go to Google Play from your Android device and search for the Cisco BCE application. Download the application and start the installation on the device. See Licensing Versions and Configuration Modes.
Opening Cisco Business Class Email for Android Application
After the Cisco BCE application is successfully installed on your Android device, you will see a new Cisco BCE application icon. To open the application, tap the Cisco BCE icon from the Android home screen. Starting the application adds the necessary menus to the device that allow you to send and receive encrypted emails.
Application Landing Screen
Tap the Cisco BCE icon to open the application landing screen. Depending on the configuration mode, some of the icons on this screen are dimmed, indicating unavailable. See Licensing Versions and Configuration Modes.
The following table describes the application landing screen options:
Launching the Cisco Business Class Email Configuration File
The Cisco BCE application must be open and running prior to opening the securedoc.html attachment from your email account.
To enable and configure the BCE application:
|
Step 2
|
Open the securedoc.html file attachment from your email on your Android device.This automatically configures the Cisco BCE application installed on your device. |
|
|
-
|
Complete the New User Registration form and click Register. Then check your inbox for the account activation email. |
|
|
-
|
From the account activation email, click the Click here to activate this account link. A message indicates that the account activation is confirmed and you can now view encrypted emails sent to the registered email address. |
Configuring Settings for Cisco Business Class Email
General email security options can be configured from the Settings screen. To access these settings, tap Cisco BCE > Settings. Depending on your configuration mode, some of the options are not available for configuration. See Licensing Versions and Configuration Modes.
The following email security options are available from the Settings screen:
|
Option
|
Description
|
|
Cache Password
|
By default, this option is enabled to ensure that the encryption password is cached. If you clear the cache, you need to re-enter the password at the next login.
|
|
Cache Duration (mins)
|
Enter the cache duration in minutes.The default is 1440 minutes.
|
|
Clear Cache
|
Tap to immediately clear the cache. The cache is automatically cleared when the device is shut down or restarted.
|
|
Set Expiration
|
Check this option to specify how long the encrypted email message remains valid. See Set an Email Expiration Time.
|
|
Default Expiration (mins)
|
Enter the default expiration time in minutes. This option specifies how long the encrypted email message remains valid. After the number of expiry minutes is met, the message expires, and it cannot be opened by the recipient after this period.
|
|
Request Read Receipt
|
By default, this option is enabled to request a default read-receipt notification to the sender when the recipient opens the encrypted message. See Receive a Read-Receipt.
|
|
Allow Reply
|
By default, this option is enabled to specify that an encrypted message that is replied to is automatically encrypted. See Reply/Reply All/Forward an Email.
|
|
Allow Reply All
|
By default, this option is enabled to specify that an encrypted message is automatically encrypted when you reply to all of the recipients.
|
|
Allow Forward
|
By default, this option is enabled to specify that an encrypted message that is forwarded is automatically encrypted.
|
|
Message Sensitivity
|
By default, the message sensitivity is set to High. The other options from the drop-down list are Medium and Low. See Message Sensitivity.
|
|
Diagnostic Log Level
|
Set the type of logs being maintained by the application by defining the log level. See Setting Log Levels.
|
|
Diagnostic Email
|
Define the email address that will receive the diagnostic emails for troubleshooting.
|
|
Diagnostic Subject
|
Define the text that appears in the subject line for diagnostic emails.
|
|
Cache Envelope Size (MB)
|
The downloaded secure envelopes are cached on the device after they are opened for the first time. By default, this number is
6 MB.
|
Email Encryption Options Available by Configuration Mode
The Cisco BCE application is deployed in three separate licensing versions that determine the email encryption options available and the configuration mode for the application. For more information about deploying the different configuration modes, see Licensing Versions and Configuration Modes. The option of opening an encrypted email is available in all three configuration modes.
The following sections describe the email encryption options in each of the three configuration modes:
Options Available in Decrypt Only Mode
The default configuration mode for the Cisco BCE application is Decrypt Only and this version can be downloaded from Google Play. In Decrypt Only mode, you can receive and open encrypted messages, but you cannot send them.
Opening an Encrypted Email - New Message
The Cisco BCE application enables you to open an encrypted email message directly from your Android email client.
To open a new encrypted message:
|
|
-
|
Complete the New User Registration form and click Register. Then check your inbox for the account activation email. |
|
|
-
|
From the account activation email, click the Click here to activate this account link. A message indicates that the account activation is confirmed and you can now view encrypted emails sent to the registered email address. |
The secure email is decrypted and the message is displayed.
Opening an Encrypted Email - Previously Opened Message
After a message has been opened, the email will be in the inbox of the Cisco BCE application, and can be opened again from the Cisco BCE inbox.
To reopen an encrypted message:
|
Step 1
|
Tap Cisco BCE > Inbox to open the inbox email accounts screen. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails for the selected account displays. |
The decrypted message is displayed.
Options Available in Decrypt and Flag Mode
The Decrypt and Flag mode allows decrypting and flagging of secure email messages. The flag option allows you to flag the email for encryption, and the email is encrypted by the Cisco IronPort Encryption appliance or Email Security appliance before the email is sent out of the network. The server must be configured to detect the flagged messages and encrypt them at the server.
In order to enable the Decrypt and Flag mode, the smartphone device is configured by an updated attachment file received from the administrator. These options are available after you receive and launch the updated attachment file from your smartphone email account.
Opening an Encrypted Email - New Message
The Cisco BCE application enables you to open an encrypted email message directly from your Android email client.
To open a new encrypted message:
|
|
-
|
Complete the New User Registration form and click Register. Then check your inbox for the account activation email. |
|
|
-
|
From the account activation email, click the Click here to activate this account link. A message indicates that the account activation is confirmed and you can now view encrypted emails sent to the registered email address. |
The secure email is decrypted and the message is displayed.
Opening an Encrypted Email - Previously Opened Message
After a message has been opened, the email will be in the inbox of the Cisco BCE application, and can be opened again from the Cisco BCE inbox.
To reopen an encrypted message:
|
Step 1
|
Tap Cisco BCE > Inbox to open the inbox email accounts screen. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails for the selected account displays. |
The decrypted message is displayed.
Flagging an Email for Encryption
The Flag Encryption option allows you to flag the email for encryption, and the email is encrypted by the Cisco IronPort Encryption appliance (IEA) or Email Security appliance (ESA) before the email is sent out of the network.
To flag an email for encryption:
|
Step 1
|
Tap Cisco BCE > Secure Compose to open the Secure Compose screen. |
Complete the appropriate fields:
|
Step 6
|
Tap Send. The message is encrypted, attached as an HTML file to the outgoing email, and sent. |
Options Available in Decrypt and Encrypt Mode
The Decrypt and Encrypt mode allows encrypting and decrypting of secure email messages. In order to enable the Decrypt and Encrypt mode, the smartphone device is configured by an updated attachment file received from the administrator. These options are available after you receive and launch the updated attachment file from your smartphone email account.
Opening an Encrypted Email - New Message
The Cisco BCE application enables you to open an encrypted email message directly from your Android email client.
To open a new encrypted message:
|
|
-
|
Complete the New User Registration form and click Register. Then check your inbox for the account activation email. |
|
|
-
|
From the account activation email, click the Click here to activate this account link. A message indicates that the account activation is confirmed and you can now view encrypted emails sent to the registered email address. |
The secure email is decrypted and the message is displayed.
Opening an Encrypted Email - Previously Opened Message
After a message has been opened, the email will be in the inbox of the Cisco BCE application, and can be opened again from the Cisco BCE inbox.
To reopen an encrypted message:
|
Step 1
|
Tap Cisco BCE > Inbox to open the inbox email accounts screen. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails for the selected account displays. |
The decrypted message is displayed.
Sending an Encrypted Email
When sending an encrypted message, the message will be encrypted for all recipients.
To send an encrypted email:
|
Step 1
|
Tap Cisco BCE > Secure Compose to open the Secure Compose screen. |
Complete the appropriate fields:
|
Step 6
|
Tap Send. The message is encrypted, attached as an HTML file to the outgoing email, and sent. |
Reply/Reply All/Forward an Email
An encrypted email that is replied or forwarded is automatically encrypted by default. The secure message will allow zero or more of the following:
Based on the permissions defined in the Settings screen for the encrypted email, applicable menu options are added to the smartphone device. For example, if the encrypted email has permissions to Forward only, then only the Forward menu option would be available. See Configuring Settings for Cisco Business Class Email.
Replying to or forwarding an encrypted email:
|
Step 2
|
Tap the Android Menu key. Tap Secure Reply or Secure Reply All, or Secure Forward. |
The original message is added to a new message compose screen. Add a response and delete or modify the content from the original message.
|
Step 4
|
Tap Send. The message is encrypted, attached as an HTML file to the outgoing email, and sent. |
Lock or Unlock an Encrypted Email
After sending an encrypted email, the email can be locked to prevent the recipient from opening the email. This option can be used if the email was sent to the wrong recipient or if there is updated information since the email was sent.
To lock an encrypted email:
|
Step 1
|
Tap Cisco BCE > Sent Items. The Cisco BCE Mailbox screen displays a list of email accounts from which encrypted emails were sent from the device. This screen is not displayed if encrypted emails have been sent from one email account. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails sent from the selected account is displayed. |
|
Step 4
|
Tap Lock. The login screen is displayed if the cache duration has expired. |
|
Step 6
|
Tap Lock. Successful locking of the email message is confirmed. Locked emails are displayed with an icon of an envelope with a lock. |
To unlock an encrypted email:
|
Step 1
|
Tap Cisco BCE > Sent Items. The Cisco BCE Mailbox screen displays a list of email accounts from which encrypted emails were sent from the device. This screen is not displayed if encrypted emails have been sent from one email account. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails sent from the selected account is displayed. |
|
Step 4
|
Tap Unlock. Successful unlocking of the email message is confirmed. |
Set an Email Expiration Time
An expiration time can be set for encrypted email. You can specify how long the encrypted email remains valid. After the expiration time is met, the message expires, and cannot be opened by the recipient. When setting an expiration time, the following options are available:
Default Setting
To set the default expiration interval:
|
Step 1
|
Tap Cisco BCE > Settings to open the Settings screen. |
|
Step 2
|
Select Set Expiration and in Default Expiration (mins), specify the number of minutes after which the email will expire. |
|
Step 3
|
Tap Apply to exit and save the changes. |
Per Message Setting
To set expiration time for a specific email:
|
Step 1
|
Tap Cisco BCE > Secure Compose to open the Secure Compose screen. |
Complete the appropriate fields:
|
Step 5
|
Tap Set Expiration > Set Expiry. The New Expiry Date screen displays. |
|
Step 7
|
Tap Set Expiry to save the changes. |
|
Step 8
|
Tap Apply to exit the Envelope Settings screen and return to the secure email. |
|
Step 10
|
Tap Send. The message is encrypted, attached as an HTML file to the outgoing email, and sent. |
After Sending Message
To set expiration time after sending an email:
|
Step 1
|
Tap Cisco BCE > Sent Items. The Cisco BCE Mailbox screen displays a list of email accounts from which encrypted emails were sent from the device. This screen is not displayed if encrypted emails have been sent from one email account. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails sent from the selected account is displayed. |
|
Step 4
|
Tap Set Expiry. The New Expiry Date screen displays. If the message is already set to expire, the current expiry date is displayed. |
|
Step 6
|
Tap Apply to save the changes. A message displays confirming the date and time that the message will expire. |
Clear Expiration Date and Time
To clear the expiration date and time after sending an email:
|
Step 1
|
Tap Cisco BCE > Sent Items. The Cisco BCE Mailbox screen displays a list of email accounts from which encrypted emails were sent from the device. This screen is not displayed if encrypted emails have been sent from one email account. |
|
Step 2
|
Tap All Email Accounts or a specific email address. A list of the decrypted emails sent from the selected account is displayed. |
|
Step 4
|
Tap Set Expiry. The New Expiry Date screen displays and shows the current expiry date. |
Receive a Read-Receipt
A read-receipt can be requested directly on the smartphone when the sent email is opened by the recipient.
Default Setting
To request a read-receipt (default setting):
|
Step 1
|
Tap Cisco BCE > Settings to open the Settings screen. |
|
Step 2
|
Tap Request Read Receipt. This is enabled by default. |
|
Step 3
|
Tap Apply to exit and save the changes. |
Per Message Setting
This option applies if the default setting is not enabled and you are requesting a read-receipt for an individual email.
To request a read-receipt for a specific email:
|
Step 1
|
Tap Cisco BCE > Secure Compose to open the Secure Compose screen. |
Complete the appropriate fields:
|
Step 5
|
Tap Request Read Receipt to enable this option. |
Manage Sent Secure Messages
The Sent Items screen lists the encrypted emails sent from the smartphone.
To access, tap Cisco BCE > Sent Items. Select an email address and the email you want to modify or view from the list of sent encrypted emails. Tap the selected email to display the menu options.
From Cisco BCE Mailbox, the following can be performed on the sent encrypted emails:
|
|
-
|
Lock. After sending an encrypted email, the email can be locked to prevent the recipient from opening the email. After the email is locked, the Edit Lock Reason and Unlock options are available from this screen. See Lock or Unlock an Encrypted Email. |
|
|
-
|
View Details. View details of the encrypted email sent from the device. |
Sent Email Message Details
From the Cisco BCE Mailbox, details of the encrypted emails sent from the device can be viewed.
To access the Cisco BCE Mailbox, tap Cisco BCE > Sent Items. Select an email address and the email you want to view from the list of sent encrypted emails. Tap the selected email to display the menu options. Tap View Details.
The following information is displayed:
|
|
-
|
From. Email address of the sender. |
|
|
-
|
To. Email addresses of the recipients. |
|
|
-
|
Open Date. Date on which the secure message was opened by the respective recipient. |
|
|
-
|
Locked status. If the encrypted email has been locked a lock icon is displayed. Otherwise, an unlocked icon is displayed. |
|
|
-
|
Locked Reason. Displays comments entered when locking the encrypted email. |
Envelope Settings
When composing a secure email, the message settings for the email you are composing can be changed.
To change the envelope settings:
|
Step 1
|
Tap Cisco BCE > Secure Compose to open the Secure Compose screen. |
Complete the appropriate fields:
|
Step 6
|
Tap Apply to save the changes. |
Message Sensitivity
The sender can specify the sensitivity for the encrypted email from the Cisco BCE > Settings screen or from the Envelope Settings screen.
The following message sensitivity options can be set:
|
|
-
|
High. A high sensitivity message requires a password for authentication every time an encrypted message is decrypted. |
|
|
-
|
Medium. If the recipient password is cached, a medium sensitivity message does not require a password when an encrypted message is decrypted. |
|
|
-
|
Low. A low sensitivity message is transmitted securely but does not require a password to decrypt an encrypted message. |
A default sensitivity of high is set for all messages. The default can be overridden for a specific message by modifying the value in Envelope Settings. See Envelope Settings.
Cache Management
Cache Passwords
The Cisco BCE registered account password is cached for a time period that is configurable from the Cisco BCE > Settings screen. Password caching is On by default and the default cache time is 1440 minutes (24 hours). Caching of the password can be turned off from the Settings screen. Tap Cache Password to turn on or off, then and tap Apply to save changes.
The password cache can be cleared from the Cisco BCE > Settings screen by tapping Clear Cache. The password cache is automatically cleared when the device is shut down or restarted.
Secure Envelope Caching
The downloaded secure envelopes are cached on the device after they are opened for the first time. This avoids re-downloading of a secure envelope when you open the same secure envelope for the second time.
The caching is based on a combination of time and size. The maximum size of cached envelopes is configurable by the administrator. By default, the cache envelope size is 6 MB. A task runs every 24 hours on the device and deletes any cached envelopes that are more than two weeks old.
Troubleshooting Using the Diagnostic Tool
The Cisco BCE application includes a diagnostic tool to help with troubleshooting problems. You can use the diagnostic tool if receiving errors or if there are issues with the Cisco BCE application.
The diagnostic tool attaches the data collected to an email. The diagnostic email contains data information that is generated on the device during your interaction with the encryption application.
Running the Diagnostic Tool
To run the diagnostic tool and send a diagnostic email:
|
Step 1
|
Tap Cisco BCE > About to open the Cisco BCE About screen. If you are in Decrypt Only mode, you need to press and hold the About button in order to send diagnostic mail. |
The Email Compose screen displays with the diagnostic output attached. The diagnostic output includes the three files: device.txt, BCE.txt, and config.txt.
Setting Log Levels
You can set the type of logs being maintained in the application by defining the log level from the Advanced Settings screen. Tap Cisco BCE > Settings. From the Settings screen, tap Diagnostic Log Level to view or set log levels. Depending on your configuration mode, this option might not be available for configuration.
The following log levels can be set:
|
|
-
|
Error. Logs error messages generated by Cisco BCE. This is the default option. |
|
|
-
|
Warning. Logs warning and error messages generated by the application. |
|
|
-
|
Info. Logs errors, warnings, and information messages generated by the application. Logs content that can be used to observe the flow of the application. This option slows down the smartphone device. |
|
|
-
|
Debug. Logs errors, warnings, information, and debug information generated by the application. This option slows down the smartphone device. |
Upgrading the Cisco Business Class Email Application
Cisco BCE application upgrades are available from Google Play. If the application was originally installed using Google Play, you will automatically be notified when an updated version is available.
The previous configuration settings are retained after the upgrade.
Uninstalling the Cisco Business Class Email Application
To uninstall Cisco BCE on the Android:
|
Step 3
|
Tap Applications > Manage Applications. |
The application is removed.
Customer Support
Please contact your system administrator to provide assistance with Cisco Business Class Email.
Feedback