Frequently Asked Questions


Do you have questions about SmartLockr? View the frequently asked questions here - hopefully, these will help you on your way! Is your question not listed? Please contact us and we will be happy to help you.

Integrations and supports 

Yes, SmartLockr uses an API. For more information about our API click here.

SmartLockr offers a JSON interface with the following functions: creating a channel, creating and uploading an attachment in a message, reading, and deleting the aforementioned items.

The authentication of the API is done through the OIDC client credentials flow.

Yes, that's possible.

No, there is no support for Remote Portlets (WSRP).

That depends on the extent to which this is necessary in combination with Active Directory Integration.

That depends on the extent to which this is necessary in combination with Active Directory Integration.

No, that is not possible.

Yes, this can be done in several ways. SmartLockr stores sent emails in the "sent items", so they are archived in the normal way. In addition, SmartLockr has an SMTP Relay Service, which can relay e-mail traffic via the SmartLockr environment and there is a SmartLockr API.

Availability and performance

SmartLockr guarantees a minimum availability of 99.95%. In the past year, this was 99.98%.

SmartLockr uses Microsoft Application Insights, this information is not visible to customers.

The SmartLockr database supports Point-in-time Restore, through automating full backups, differential backups and transaction log backups.

Full database backups are made weekly, differential database backups typically every 12 hours, and transaction log backups generally every 5-10 minutes.

The frequency is based on the calculation size as well as the amount of database activity.

RTO is 1 hour, RPO is 5 seconds based on automatic recovery of Azure SQL databases: https://docs.microsoft.com/en-gb/azure/azure-sql/database/business-continuity-high-availability-disaster-recover-hadr-overview

 

Recovery is done automatically by the Business Continuity features of the Microsoft Azure platform: https://docs.microsoft.com/en-gb/azure/azure-sql/database/business-continuity-high-availability-disaster-recover-hadr-overview

 

Security and privacy

 

Authorization

Yes.

Yes, sender, recipient and/or administrator.

Yes, this is possible in Exchange or Office 365.

Yes, on functionality this is done by means of GPO and the administrator portal.

On data, this is done on the basis of access to a mailbox and adding a person to a portal.

Yes, that is partially possible.

Yes, but depends on how this is configured through GPO.

Yes, but depends on how this is configured through GPO.

Yes, that is possible.

Yes, if everything is configured via Active Directory.

Access

Yes, SmartLockr supports SSO. You as an organization can decide for yourself whether this will be used.

Regulations and Compliancy

Every user has to log in once by means of two-factor authentication. The moment a recipient receives health information from your organization, they must also authenticate themselves once via 2FA.

SmartLockr integrates with (Azure) Active Directory: other SSO integrations can be made from here.

SmartLockr is ISO 27001: 2017, NEN 7510-01: 2017 and NTA 7516: 2019 certified .

Yes, although it is true that SmartLockr encrypts all data Zero Knowledge End-to-end, but we can record which data we do need to use the service.

All connections to and from the SmartLockr platform are secured with TLS1.2 connections. Some strong encryption algorithms are used here.

SmartLockr cannot access the data, because everything is zero-knowledge end-to-end encrypted.

Every time our system detects sensitive data, the user gets a notification or the 2FA becomes mandatory (to be determined by the administrator in the admin portal of their choice).

We do this by means of verification screens, code words, Machine Learning and Artificial Intelligence. Every time our system dictates sensitive data, the user receives a notification or the encryption becomes mandatory (to be configured according to your own choice).

Every time our system detects sensitive data, the user gets a notification or the 2FA becomes mandatory (to be determined by the administrator in the admin portal of their choice).

Yes, reports can be shared on request.

Storage and archiving

Yes, everything is encrypted, sent encrypted and stored encrypted.

SmartLockr uses Zero Knowledge End-to-end encryption and therefore does not store the key. See also SmartLockr architecture.

Yes, this can be set through filters in the SmartLockr administrator environment.

In the Azure Datacenter in Amsterdam, with a backup in Dublin (Ireland).

Yes, SmartLockr does.

Yes, it can.

Yes, it can.

Yes, it can.

Mobile

Yes, any device can be used to use SmartLockr.

No, no notifications can be given to make the user aware of any errors (no awareness)

No data is saved.

Yes, that is possible.

Yes, SmartLockr has a responsive web app.

Management

Yes, SmartLockr is delivered complete.

Yes, SmartLockr is delivered complete.

Yes, SmartLockr is delivered complete.

Yes, as an organization you retain control yourself.

Yes, via the administrator portal.

All functions are provided with try-catch blocks so that every error in the application is logged. These logs can be securely shared with us from within the application.

Our support team is available every working day to assist your administrators.

Users can be created through a link with Azure AD or ADFS.

Access to SmartLockr is possible at user and group level, certain settings too. This can be done through the management environment and GPO settings.

Use

 

Send large files

With Smartlockr one can exchange very large files. The maximum is 5TB per document. The speed of the system does not decrease while large files are being sent.

No, every accessible format can be shared.

With Smartlockr one can send upload requests in order to safely share files, one can also create upload portals on which relations and customers can share files with your organization in a safe manner.

To see whether a data leak has occurred, we believe it is of utmost importance that communication is traceable and thus the user can see whether the email has been opened and whether the file has been downloaded.

SmartLockr archives all emails neatly in the Sent items.

The user can share multiple files simultaneously with different file formats.

SmartLockr encrypts the entire message, including meta data such as on cc and bcc. This information is therefore not visible for anyone.

Smartlockr seamlessly integrates into Outlook thus ensuring perfect sharing within Outlook.

User-friendliness

Safety is one, but user-friendliness for the sender as well as the recipient is just as important. Smartlockr does not change anything about the work process of the sender or the recipient.

Data leaks are prevented by creating awareness among the user. We do this through verification screens, code words, Machine Learning and Artificial Intelligence. Every time our system detects sensitive data, the user receives a notification or the encryption becomes compulsory (can be adjusted according to your own preferences).

Data leaks are prevented by creating awareness among the user. We do this through verification screens, code words, Machine Learning and Artificial Intelligence. Every time our system detects sensitive data, the user receives a notification or the encryption becomes compulsory (can be adjusted according to your own preferences).

Because SmartLockr seamlessly integrates into Outlook, any adjustment to the work process is kept to its minimum.

To ensure this does not require too many actions or lead to irritation, Smartlockr makes use of Single Sign-on. This means that the sender as well as the recipient has to authorize a single time with two factors.

NTA7516 compliant recipients do not require another authentification, similarly to internal recipients (can do so). In order to send to external contacts, a telephone number has to be filled in by the sender.

Yes, this is sent along in the same way it would without Smartlockr.

Employees can read incoming encrypted messages normally from within their own inbox.

SmartLockr offers the product via a licensing model. A license goes per named user and functional mailboxes are free.

Convenience for recipients

When the recipient has been verified once (2FA), he/she will experience no changes in the work process.

It is of course very important that privacy-sensitive data is sent with optimal security. To ensure that this does not lead to many extra actions and irritation, SmartLockr uses Single Sign-on. This means that both sender and receiver only need to authenticate once with two factors. Then no longer necessary in the future.

NTA7516 compliant recipients do not need to authenticate themselves (again), just like internal recipients (allowed). To send to external contacts, a phone number must be entered by the sender.

When an email arrives at the recipient, it can easily be replied to. This can be done in precisely the same manner as on the normal Outlook email.

Messages can be archived with the single press of a button.

Through the present communication portals, it is easy to make safe and secure contact, on one's own initiative.

Security options

Including awareness with Outlook. Excluding awareness with other email-clients through the SmartLockr Secure SMTP Relay Service.

Next to the Outlook Client plug-in, SmartLockr also has a Web Add-on, to ensure webmail can be sent securely as well.

Our support team is available every work day to be of service to your administrators.

An admin can make these adjustments with SmartLockr. The admin can either allow a user the option or force it.

SmartLockr remembers the choice of the employee and can share this too.