Encryption of email messages is a common component of enterprise security and privacy. However, encrypted data is typically a challenge for eDiscovery procedures, and is often excluded from review. Zeva SecTool provides the means to decrypt, and encrypt, massive amounts of Exchange data quickly and easily.

In the year 2000, Microsoft released a tool as part of the Exchange 2000 resource kit that could encrypt and decrypt large numbers of email messages. This tool was discontinued by Microsoft and was not available for Outlook versions beyond Outlook 2003. No substitute has been available…. that is, until Zeva SecTool. 


Zeva created Zeva SecTool to provide the ability to massively decrypt and/or encrypt email messages that are secured using Secure/Multipurpose Internet Mail Extensions (S/MIME). Developed by Zeva engineers, SecTool has proven to be a valuable addition to an organization’s IT toolkit. When an email message is encrypted, it is not possible to search or index the encrypted portion of the message. For encrypted messages, the search and indexing capability is limited to the unencrypted portion: subject, sender name, recipient names, etc. 


Zeva SecTool can be used in different ways depending on an organization’s needs. Some need to decrypt and examine targeted user mailboxes during investigations. Others need to decrypt email messages, index the content of the messages, and then re-encrypt the messages. In some regulated industries, examination of all message content may be necessary to meet compliance goals. Zeva SecTool can be configured to meet all these needs. 


In Zeva SecTool V2.0, it is also possible to encrypt/decrypt independent PST files without the need to link them to Outlook.



How does Zeva.SecTool work?


If you need to massively encrypt or decrypt email messages, you will find Zeva SecTool to be a reliable, simple, and efficient tool that can accomplish the job. When you open SecTool, you see two buttons. One is ‘encrypt’ and the other is ‘decrypt.’ For example, if you select the ‘decrypt’ button, SecTool will prompt you to pick a folder. For the folder selected, SecTool will go through every message in that folder. If the email is in unencrypted format, SecTool will bypass it. If the email is encrypted, SecTool will decrypt it. It will keep doing this until every message in that folder is in unencrypted format. Also, there is an option to “unsign” any emails while they are being decrypted.


Once the emails in the selected folder are decrypted, you can search or index them without having to worry about missing any data in the process. When you are done searching, you can re-encrypt the messages to ensure security and privacy is preserved. In addition, you have the option to encrypt all the emails in the folder or just the emails that were previously decrypted by SecTool. Once you decide that, you simply click on ‘encrypt’ and select the folder.  In a matter of a few seconds, all the emails will be encrypted.


SecTool can be configured to run as a service for decryption of all email messages. This configuration is a Zeva innovation called DecryptNaBox.  This service captures messages as they are sent and received, decrypts and stores them in Exchange journaling mailboxes for further processing, and leaves the original messages to be delivered undisturbed in their original encrypted format.  See more at DecryptNaBox (hyperlink).  


For more information on how SecTool works, watch the following instructional video:



How do I Get Zeva.SecTool?


Currently, we have two versions of SecTool. We have a limited version and a full version. The limited version allows users to encrypt or decrypt 10 messages at a time. The limited version is free and can be downloaded here.

 The full version does not set a limit on how many messages can be encrypted or decrypted. To order the full version, please contact us.