Virtru is an email solution that allows us to encrypt outbound emails that contain sensitive data, such as social security numbers, addresses, and other PII (personally identifiable information). Virtru offers two methods for doing so, one being a Google Chrome addon and the other being included a keyword in your email subject. It is preferable to use the Virtru addon as it will provide guidance if an email you are sending may contain information that would be best sent encrypted. Setup is easy and use is pretty simple as long as the Virtru addon is enable within Gmail. Virtru is a licensed product, so if you are unsure if you have Virtru access, or believe you would require Virtru access, please contact email@example.com. Clients not licensed with Virtru will not have emails encrypted using the keyword method and cannot use the Virtru addon to send encrypted email.
When should you use Virtru? When sending any potentially sensitive data, such as PII (Personally Identifiable Information). This includes things like social security numbers, passport or visa information, drivers license numbers, credit card or bank info, account credentials, etc. For example, if the IT Help Desk were to request additional information to verify an identity, such as a picture of a state-issued ID, the Help Desk technician could send an encrypted email, and advise the recipient to reply to the encrypted email with the requested information. Sending the forms initially, even if they do not contain any PII yet, could be encrypted to begin the protected exchange back and forth. However, remember, non-Virtru users cannot initiate an encrypted email chain, so they can only reply to encrypted emails. Once the exchange is completed, the Help Desk associate can then revoke access to the email chain, thus preventing any further access to the email from the recipients mailbox (handy if the mailbox is ever compromised or given to another person).
If you are not using Chrome or do not have the ability to install the addon, you can still send encrypted emails by beginning the subject line of your email with the keyword: #SECURE# (this will only work for approved Virtru users). Note that this method leaves the email unencrypted within your Sent mailbox, and does not work when sending encrypted emails internally, so this should be used as a method of last resort. It is preferable to use the addon in Chrome.
Installation of Virtru Addon in Google Chrome (does not work in other browsers)
From within Google Chrome, visit https://chrome.google.com/webstore/detail/virtru-email-protection/nemmanchfojaehgkbgcfmdiidbopakpp and Click Add to Chrome.
Click Add Extension.
A Getting Started page will load, feel free to review this for additional information.
Login to TCNJ email (if not already logged in) and you will receive an activation pop up from Virtru. Click Activate.
You will receive a pop up indicating your Virtru is activated. Click Done in this window. A brief tour of the extension will be offered, click through if you wish.
Now when composing an email, you have the Virtru protection option which you can toggle on when needed. Virtru may also prompt you if you are about to send potentially sensitive information and offer to encrypt.
For example, if creating an email and clicking Send with the Virtru addon disabled, you may be prompted with the below image suggesting that perhaps the email would be better sent encrypted. Virtru will check patterns and other indicators that may show PII (personally identifiable information) or other sensitive data that should not be sent without encryption. You can click Protect & Send to encrypt the email or you can choose to Send Anyway.
Additionally, in the top right of the Chrome window, you can click the puzzle piece to see your installed extensions and pin Virtru to the extension bar. This will allow you to go into the Virtru dashboard (click the Virtru extension symbol and choose Control Center).
Here you will be able to see what emails have been sent using Virtru encryption. Checking the box in front of any email from the list allows you to revoke access to the email. Once checked, click the small hand shaped icon above the list to revoke access.
If access is needed once more, select the email again and click the eye shaped icon to restore access.
Clicking on any of the emails will provide a description of what content the email had that Virtru had detected as well as if the recipient had received and read the email. You are also provided the options to add an expiration date (so the email will no longer be readable) and the option to prevent the recipient from forwarding the email.
Let’s see what the experience will be like for your recipient, or if you receive a Virtru email as a non-Virtru user.
In your mailbox you will see a typical email. Clicking on the email however, you will see the below image in the email body.
If you are already a Virtru user, or have completed this process previously (and have not cleared browser caches or it has not been some time since you completed the process), the email will be decrypted.
Depending on the email address you are using, such as Gmail, you may be provided with the opportunity to use that service to sign in with, otherwise, you will be prompted to sign in with a one time link.
Once verified, you will then see the email that was sent. Replying to this email will send an encrypted reply, which will also encrypted any attachments you add to the email. The attachment icon is the same as many other email clients, the paper clip icon on the bottom row. See images below.
For additional information and options see https://support.virtru.com/hc/en-us/articles/115012442108-Install-and-activate-Virtru-for-Gmail