About the FDA ESG

Securely Send Email to and From the FDA

In the light of recent events like the Sony hack, there is growing interest from companies small and large to protect email communications from hackers and unauthorized recipients.

The FDA supports two methods to securely send email to and from the FDA, SMTP encryption using TLS and email encryption using S/MIME.

Encryption using Transport Layer Security (TLS)

Protecting your email server protected with TLS encryption protects your emails from your browser to client to your email server. As your emails travel to other servers, those servers must also use TLS.

  • Emails sent between your email client and server are encrypted while in transit

  • Encrypts and delivers mail securely for both inbound and outbound traffic

  • Prevents unauthorized interception between mail servers- keeping your messages private while they’re traveling between your email server and the FDA email server

  • Protects you from being vulnerable from man-in-the-middle (MITM) attacks

Starting at -/per year

Encryption using S/MIME Protocol

S/MIME certificates enable users to encrypt emails, ensuring only the intended recipient can access the contents. The same certificate can also be used to digitally sign emails, assuring the email recipient that the email came from you and the email has not be altered in transit.

  • Encrypts the actual email message

  • Ensure that only the intended recipient of your email can read it

  • Encrypted email messages stay encrypted at rest- messages cannot be accessed even if your email servers have been hacked

Buy S/MIME Now
Starting at -/per year

The FDA accepts both methods. To learn more about the difference, please see “Encrypting emails vs. encrypting servers.