How to request a Virtru license



Virtru is a simple way for Gmail and Google Workspace users to share sensitive data with third-parties and guarantee access only by intended persons; which makes it easy for employers to meet data privacy and compliance obligations. When using Virtru to secure emails, all messages and attachments are encrypted with AES 256-bit Access Control Keys on the content creator’s client via Virtru-enabled Crome Browser. Access control policies may also be applied at this time, either manually via the user or automatically via Data Loss Prevention (DLP) rules that are preconfigured by administrators. Examples of access control policies include: authorizing a party’s access, setting expiration for this access, and enhancing content protection via PDF watermarking or download disablement.

Once email bodies are encrypted, they are sent via TLS to the email server that will eventually deliver this content to authorized recipients. Cloud providers, such as Google and Microsoft, cannot access unencrypted content or decrypt content on their servers because they do not have access to the keys stored in the Virtru ACM. To allow recipients to read emails without installing Virtru’s software, Virtru utilizes an external object store, such as Amazon S3, to surface encrypted emails.

The sending Virtru client creates a copy of the encrypted email and any file attachments, re-encrypts them with a separate key, known as a Split Knowledge Key, and sends the re-encrypted content to the designated object store. The Split Knowledge Key is stored inside the email, which is eventually delivered to the sender’s specified recipients. Virtru services do not have access to the sender’s or the recipient’s email servers, ensuring that encrypted content stored in the external object store cannot be decrypted outside of a Virtru client.

For each object, such as the individual email bodies and attachments, an individual Access Control Key is created and sent to the Virtru ACM. The content and key remain separate until a content consumer requests access to the encrypted email content. After authenticating, the content consumer receives access to both the Access Control Key (from the ACM) and the Split Knowledge Key (from the receiving email server). The Split Knowledge Key decrypts the Access Control Key, which decrypts the original email content.

How to request a Virtru license:

  1. Submit a ticket in Service Now for a Virtru licenses located below:

  2. After your request has been approved you will receive an email from the Virtru adminstrator with further instructions.

  3. Read the Install and Activate Virtru for Gmail .pdf located in the Documentation location listed below