Steven Margolies: Thank you for waiting. We can get started now. My name is Steven Margolies. I am the senior director of customer support.
Introduction to Virtru for Gmail Training
Steven Margolies: I am going to lead today's session and teach you a little about Gmail. Today's session is Virtru for Gmail essential user training. Today, we are going to cover what Virtru is and why it is important, how to use Virtru for Gmail, the Chrome extension, how to get support, and then at the end, we will have time for a Q&A.
Understanding Virtru's Purpose
Steven Margolies: So what is Virtru? Virtru is an email and file encryption solution that gives users full control over their sensitive data. We play a key role in helping customers keep their content secure and stay compliant with major privacy regulations such as HIPAA, FERPA, CJIS, and others. Using Virtru to encrypt your content ensures that customers stay compliant with regulations. Failure to adhere could result in large fines. It limits the risk of a data breach, providing an additional layer of security to help you maintain control of your content and ensure only authorized recipients access that content. It also helps you maintain trust. If you did have some sort of breach or compliance violation, that can undermine trust with your customers. Reputational and economic fallout can be very large.
When should you use Virtru? This is not an all-encompassing list. Your organization might have different specific needs, so make sure to talk to your administrators, but these are some common reasons that folks will go and purchase Virtru. Maybe they are dealing with health services data, such as HIPAA compliance. Maybe they are handling court data, police and fire data, or anything involving case reports, investigations, and criminal justice information. It could be in an HR function where you have onboarding paperwork and you are sharing someone's Social Security number. You could be dealing with other situations involving Social Security numbers or any sort of revenue sharing. Finally, children and families, anything that is personally identifiable information, PII, or HIPAA information. Again, these are just examples for guidance. Definitely talk to your administrators regarding when they would like you to use Virtru.
Live Demo Overview
Steven Margolies: The main part of today's session will be how to use Virtru. In a moment, I will jump into a live demo in which I am going to walk through installation, activation, sending securely, applying security settings, reading secure emails, secure search, the recipient experience, and additional tips and tricks. Let's get started, and if you have questions, feel free to send them in throughout the presentation. I will go through them all at the end.
Installation Process for Virtru
Steven Margolies: The first thing we want to cover today is installation. The easiest way to find Virtru is to go to our website at virtru.com/install. You could also look for the Virtru Google Gmail extension, or from our help center, we have links. You can see there is a link to the web store, or if you are on the Virtru page, we have a link that goes to the Chrome web store, and you simply hit add to Chrome. Note that if your administrators choose, they might force-deploy the extension so that you do not have to manually do this. Once the extension is installed, you will get a brief get started page if you want to learn more about Virtru. I am actually going to go through a lot of this content. Then, once you go into Gmail, you will get a prompt to actually go through the activation flow. It is pretty simple. You click it, and it should complete the process on its own and give you a confirmation.
If for whatever reason you did not activate with that prompt and you dismissed it, you would actually see an activate button at the top of your window where the toggle is currently. We give you multiple opportunities to activate Virtru so you can use it when you need it.
Sending Secure Emails
Steven Margolies: With that toggle, you can choose to either have Virtru encrypt your email and your actual draft, or you can leave it off if you do not want to send securely. For a simple message, set your recipient. You can add an attachment, and you can see it has a TDF, which is trusted data format, to show that it has been encrypted. All of this content in the body and the attachment are encrypted from Google right now. They only see the recipient and the subject line if Virtru is toggled on. When you are sending, you can also apply additional security settings. We are going to go with some basic ones such as disable forwarding and watermarking. Once your message is ready, you can hit secure send.
We will look at the recipient experience in a minute. I also want to show you some security rules that might appear depending on administrative settings. Let's say you have Virtru off, and you are sending a Social Security number. Your administrator might have a rule set internally. If I hit send, you can see sometimes Virtru might automatically encrypt the content. That might just be a setting that has been applied for your team. If you have any questions, talk to your admins. Or you might get a warning saying that we found some content you might want to encrypt, and then you can make the decision whether or not to encrypt if it is something that should be protected. Again, these are all admin-set internally, and you cannot change any rules for yourself.
Recipient Experience with Secure Emails
Steven Margolies: Once that content has been sent, your recipient will receive an email. This is the typical unbranded experience. However, admins have the ability to set up custom branding where they can choose the color and a different logo to put in there. In both cases, the recipient will receive an unlock message button. Once they are in there, they can select or enter their email address. If it is not there, maybe they were BCC'd, or if there are a lot of recipients on a message, we are going to immediately go to the entry field. However, if the user was not on the message and they try to enter a new email address, they will not get access.
If they select an email address that is either Google or Microsoft, we do have the ability to sign in with the provider or do a one-time verification email. For someone that does not have Google or Microsoft, the only option will be the one-time verification email. Just to show you what that email looks like, users can take the code or click the link. Once they do that, they will be directed into their message. You can see it notes the security settings that were applied. I did use watermarking, which disables downloading if applicable, and when the user goes to view the content, it will display the recipient's address across the face of the document. So again, no downloading, and their email address is across the face of the document if they were to screenshot it. If I turn this off as the sender, or if a watermark is not applied, this would be downloadable.
As a recipient, if I want to send something back, I can do so in the portal as well. I can add attachments if I wish, and I can securely send that back. I will get a confirmation as the external party. I will also get a copy in my mailbox. It shows the beginning of my email address, but it is coming from virtru.com. As the original sender, the Virtru customer, you get a copy, and you will see that content automatically decrypts, as well as the original message I sent.
Managing Sent Content
Steven Margolies: After sending a message, you can manage that content. You can always go in and manage the security settings. Maybe I do not want disable forwarding, or maybe I do not want watermarking. The next time they open that content, those security settings will no longer be applied, or maybe I need to revoke access to that message altogether. It does take a moment to kick in. I clicked the recipient's reply message on the original email, and you can see the message has been revoked.
Another option you have is, if your administrators have enabled secure search, you will be able to search for keywords within your messages. If I want to look for the word chicken, I can go in, search for that, and you can see it found the email I just sent because encrypted search is enabled. You can also manage your content from the control center. If you are a Virtru user sending content, you can go to the control center and manage that content. The link is nested in the menu button as a quick link. Most of you will only have the personal tab. If you are an administrator, you will have the admin tab. If you go to my data, you can find the content that has been sent.
That covers the bulk of the demo, which is pretty straightforward. However, I want to make sure we cover anything you might have questions on, so I will open the floor to any questions.
The first one I see is: Can you set content to revoke in, say, two days? Absolutely. When you are sending a message, you can set an expiration date. Once you go into the control center, you can change it, and you can set the number of days, or you can do it more granularly by minutes, hours, days, weeks, months, or years. What happens is that content expires for the recipient. Even if you revoke something or if something expires, you as the sender and your internal administrators always have access to the content and the ability to change the settings. If that two-day expiration window hits and the recipient reaches out saying they missed it and need access, you can set a new expiration date to give them two additional days.
Expiration and Revocation of Messages
Steven Margolies: There is a question on persistent protection. That is going to be visible for some users. Let me show that experience for a moment. There might be different settings based on what an administrator has requested. The default settings will be disable forwarding, expiration, watermarking, and persistent protection. By request, we can adjust some of these if your administrators would like. Persistent protection requires that any document, assuming it is compatible, will only be viewable in the Secure Reader. A user might see a download button when they are viewing that content, but when they download it, it is actually downloading a link that goes back to the Secure Reader. It requires that they reverify themselves with Virtru and ensures that they only view that content within the Secure Reader.
I have a question: Why would the toggle disappear? While composing an email, the toggle should not typically disappear. There can be occasions where if Gmail is taking a long time to load initially, Virtru might time out and not load. We would suggest doing a hard refresh where you hold shift on your keyboard and refresh the page, and that should help ensure that the toggle loads.
Next question: Do expiration dates impact internal email logging requirements for compliance procedures, or can they still be logged? That is an interesting question. I am going to break it down into a couple of different pieces. For expiration dates, that is only applying to recipients. You as the sender and your internal administrators always have access. Regarding internal logging, the message is encrypted. Even in your archive, Google Vault for instance, that email is going to be encrypted. As soon as you hit secure send, even in your sent folder, that message is encrypted. We do have options for admins to enable their plug-in to work in Vault, and we also have more advanced administrative tools if there is a need to decrypt content in bulk. Your expiration date is not going to affect any of those processes. It is only going to affect your external recipient, or really any recipient that is not an internal admin, and stop their ability to open that message.
There was a question: Is there a way to set Virtru so that it is toggled on by default? I briefly showed you the control center before. End users do have a settings section where they can set some content. They can set a personal introduction that they want to apply to their emails if they want to differ from an administratively set one. There are also areas where end users can set the default state of the toggle. When they hit a new message, is the toggle defaulting to the on position, the off position, or just mirroring the last message sent? I will note that administrators can set something for the team and lock end users from adjusting that setting.
Does a repeat recipient have the ability to see all encrypted emails at one time? For the recipient, the only way for them to get to their messages is by going to the original email itself. There is no portal they can go into to see all the secure emails they received. They have to go back to that original message and click unlock message. Assuming they are saving those emails, they can click unlock message to get in and access that content as long as the sender has not revoked access. I will say that once they verify in the same browser session, they can just hit unlock message and get into that content.
Support and Resources
Steven Margolies: They do not need to verify again in that same session. One final thing I want to show you is how to get support. We have two options. We have self-serve. Go to our help center. We have tons of articles aimed at you as the end user and aimed at your recipients. That is support.virtru.com. If you do not find an article that answers your question, we do have a contact form where you can tell us about the issue you are having, and we are happy to help. In the end user section at support.virtru.com, we have some general content as well as an area specifically for Google and Gmail. It has a lot of how-tos, troubleshooting, and everything else you might need.
Another question: Does the system run in the cloud where multiple users can access saved reports that need to be manually downloaded and sent? This email product for Gmail relies on all parties having the message in their mailbox. Me as the sender, or any of my recipients, need to be one of the listed recipients on the message, and they still need to have that message in their mailbox so they can access the unlock message link or use the plug-in to decrypt it. We do not have any sort of centralized portal where all of our messages can be found, viewed, and downloaded. If you have teammates that need to access content you are creating, you would want to include them on the recipient list so they get a copy in their mailbox and can access the content that way. We do have some other products, a drive extension as well as Secure Share, which is a file-sharing solution that is going to have some additional updates coming this year that might more closely align with what you are looking for. However, from the Gmail product perspective, it is strictly based on who is on the message and whether or not they still have that message in their mailbox to access the content.
Conclusion and Closing Remarks
Steven Margolies: Well, I think that is it for today. Thank you everyone for joining. Hopefully, this was a beneficial experience for everyone. If you have any questions, reach out to the support team. We are happy to help. Hope everyone has a great day.
/Virtru%20Academy%20Live/virtru-for-gmail-101-VAL-26.png)
/Virtru%20Academy%20Live/val-secure-share-users-cover.webp)
/Virtru%20Academy%20Live/VAL%20-%20End%20User%20MS%20Outlook.webp)
/Virtru%20Academy%20Live/VAL%20-%20ADMIN%20CONTROL%20CENTER.webp)
/Virtru%20Academy%20Live/VAL%20%20ADMIN%20USER%20ADOPTION.webp)
/Virtru%20Academy%20Live/VAL%20-%20ADMIN%20SECURE%20SHARE.webp)
