EN 
email-security-background-696x450magnifying glass

Secure E-mail Frequently Asked Questions

General

Do any restrictions exist for sending confidential information through Secure Mail?
This service is intended for business use only and provides security up to the confidentiality level 'Strictly Confidential'.

How does the registration work?
Please refer to the ‘Getting Started’ section. All Ivoclar Vivadent employees need to register for Secure Mail. It has to be repeated once you have received a new workstation (or got it restaged) or if you have changed your e-mail address for any reason.

Will Secure Mail store any e-mails, which I have sent securely?
The Secure Mail system will not store any e-mails. E-mails will be delivered directly to the recipient’s mailbox and will be stored as well in the sender’s ‘Sent Items’ folder.

Technical limitations
The maximum message size is limited to 15 MB for encrypted e-mails. The Secure Mail web service does not allow more than 9 separate attachments.

encryption problemsmagnifying glass

Ivoclar Vivadent Employee FAQ

New workstation or new e-mail address?
Once you have received a new workstation (or got it re-staged) or you are using a new e-mail address, you have to follow the whole registration procedure again. See 'Getting started'.

Encryption Problems' error message (while trying to send an encrypted email)
When you try to send an encrypted email and the error message Encryption Problems is displayed (see image above), the recipients Email address may be wrongly cached or your Outlook client lacks of correct settings. To solve the issue you need to first delete wrongly cached email addresses, start typing the desired email address and before pressing enter, click on the cross of the popup as shown in the figure below.

Outlook Web Access
For security reasons, we do not support the possibility to read or send encrypted messages in OWA (Outlook Web Access). Users can read signed E-mails but cannot send signed e-Mails to other internal users.


encryption problems 2magnifying glass

This should solve the issue, if it did not please renew your LDAP settings by following these instructions below.

1. Open your Account settings in Outlook

  • File/Account Settings/Account Settings.../Address Books 

2. Delete the existing Totemo LDAP Server directory in Outlook
3. Create new LDAP entry by selecting New...

  • enter Server Name: secmail.ivoclarvivadent.com

· select More Settings … 
· Under Search tab enter following value on Search Base, Custom: dc=example and close window with OK.

encryption problems 3magnifying glass
  • Select Next >, Finish

4. Restart Outlook

Your digital ID name cannot be found' error message (while opening an encrypted email)
You are usually getting this error when your workstation lacks your personel Secure Mail encryption certificate. This might happen if you have received a new workstation (or got it re-staged) or you have received a new e-mail address. Please follow the whole registration procedure once again. See 'Getting started'.

My PIN has expired / PIN not visible after login - How can I get a new PIN?
The link in the email with your certificate attached ('.pfx') is only valid for 30 days. Once 30 days exceeded, you will need to start the registration process again as described on the 'Getting started' page.

encryption problems 4magnifying glass

How to send Secure E-mails using Outlook

  1. Open a new email.
  2. Select Encrypt and Sign

Note:

  • You need to be online to use the Secure Mail service. If you want to send secure emails written offline, save the email in the “Drafts” folder and send it securely as soon as you have access to the network. Encrypted e-mails can be read offline.
  • If the "Encrypt" and "Sign" buttons are not available in the Outlook toolbar your certificate is most probably not installed correctly. If a restart of Outlook does not help, you will need to follow the whole registration procedure again. See 'Getting started'.

Can secured e-mails be archived?
Secured e-mails underlay the same archiving policies as other e-mails.

I forgot/lost my password for Secure Mail. What can I do?
Secure Mail uses your windows credentials (UserID and password). In order to reset it please contact your local IT Service Desk.

Sign and Encrypt buttons are missing or grayed out in Outlook
A common reason for missing buttons in Outlook is that the certificate is not registered/installed properly. If a restart of Outlook does not help, you will need to follow the whole registration procedure again. See 'Getting started'.

How can I enable a shared mailbox to use Secure Mail?
Shared mailboxes are supported in general. Please ask the local Service Desk for support to enroll the certificate for the shared mailbox.

If you cannot find and solve the issue you are looking for please contact your local IT Service Desk. If this did not help, you can open a Ticket in the Ticket System of Ivoclar Vivadent with a specific error description and steps to reproduce.

Why I’m sending sometimes encrypted e-mails without selecting e-mail encryption
If you receive an encrypted e-mail and you forward or answer the encrypted mail the encryption channel will not be changed. This is a security feature from Outlook.

encryption-problems-4magnifying glass

Certificate renewal for internal users

If your internal certificate is expired, please follow the instructions below to renew your certificate.

  • First you will be informed that the new certificate can be download.


encryption-problems-5magnifying glass

Login and download the new certificate. (You will download the certificate in a ZIP File which contains the old and new certificate)

  • Save the ZIP File to your Home drive Share and extract the two certificates.
  • Install only the new certificate. The new certificate can be identified by the date notation in the certificate file name.
  • After the certificate has been installed successfully, switch to your Outlook client. 
  • In Outlook open File – Options – Trust Center – Trust Center settings – E-Mail Security.
  • In the E-mail Security settings select settings.
encryption-problems-6magnifying glass
  • Select choose for Signing Certificate
encryption-problems-7magnifying glass
  • Select More choices
encryption-problems-8magnifying glass
  • Select the new installed certificate which can be identified by the expiration date.
encryption-problems-9magnifying glass
  • Do the same steps for the Encryption Certificate

Important:

To renew the certificate on your Mobile Phone, please contact your local IT Service Desk for support.

External Partners

How does the registration work for external partners?
An Ivoclar Vivadent employee will initiate the registration by sending an encrypted e-mail to the external partner. The external partner then need to register for Secure Mail with a One-Time-Password. After successful registration the external user will receive the encrypted e-mail in one of the possible forms (refer to 'Getting started' for more information).

Note: Please check whether it is deemed necessary to have a “non-disclosure agreement” in place to exchange confidential data with external entities.

Why do I receive a PDF-form with login (SecurePDF)?
External partners will receive SecurePDF per default. You can prevent the usage of SecurePDF by uploading your personal S/MIME certificate to the Secure Mail service site. For that, you need to login to the Secure Mail login page and navigate to 'Preferences'.

Please find the details about S/MIME usage in the user's guide referred to at the bottom of this page.

I forgot/lost my password for Secure Mail.

  1. Access the Secure Mail login page 
  2. Click on Forgot Password 
  3. Answer the security questions 
  4. Set new Password

Please note that this only works if you have registered manually for the Secure Mail Web Portal before.

How to change the Security Channel
If you want to change your defined security channel from “Webmail” to “Pushed PDF” (You will receive the encrypted E-Mail) you need to login to the Secure Mail Login with your E-Mail address and your Password.

Select Account overview and “Channel for secure messages” on the left hand. Select your preferred secure channel (Ivoclar Vivadent recommends “totemomail PushedPDF” if you don’t own a S/MIME certificate. Press Save to save the changes.

How do I send secured e-mails to Ivoclar Vivadent employees?
External partners that are already registered can send a Secure Mail message over the Secure Mail Web Portal (see Secure Mail login page).

Alternatively, you can use the S/MIME-approach and upload your personal S/MIME certificate to the Secure Mail service. Please find the user's guide referred to at the bottom of this page for details.

I need help, whom can I contact?
External partners have to inform their Ivoclar Vivadent contact who will submit the issue to the Ivoclar Vivadent IT Service Desk.

Note: The Ivoclar Vivadent IT Service Desk cannot be contacted directly by external partners.

How can I use my own S/MIME or PGP certificate to communicate with Ivoclar Vivadent employees?
If an external partner wants to use S/MIME or OpenPGP certificates, the Secure Mail system provides the following possibility: 

  • Login to the Secure Mail login page.
  • Click on Preferences
  • Click on Certificates:
  • Select the certificate file you would like to import.
  • Click Import
  • Navigate to Users Preferences
  • Change the Security Type to S/MIME or PGP
  • Click on Logout

Please find the details about S/MIME usage in the user's guide referred to at the bottom of this page.

Where can I create or request a S/MIME certificate?
Commercial suppliers of S/MIME certificates are listed below. As a suggestion, you can register with one of them:
SwissSign
Comodo (Free download certificate)

Please find the details about S/MIME usage in the user's guide referred to at the bottom of this page.

I received an error when sending/forwarding an email via Secure Mail Portal to non-Ivoclar Vivadent receipients.
Due to security reasons, an external user is not allowed to send Secure Mails to other external users. You are only allowed to send Secure Mails to Ivoclar Vivadent internal domains.

Can I open SecurePDF on an Apple iOS device?
The PushedPDF totemo mobile reader app allows you to easily read and reply to SecurePDF on any Apple iOS device.

Are the usage of Secure E-Mail associated with costs?
No. The usage of the Ivoclar Vivadent Secure E-Mail solution is free to use.


If you cannot find and solve the issue you are looking for please ask your contact person at Ivoclar Vivadent to forward your issue to the Ivoclar Vivadent IT Service Desk.