Managed S/MIME is a centrally managed service for deploying and operating S/MIME email certificates across an organization. Administrators can issue, renew, reissue, and revoke certificates from a single account, use pre-vetted company and domain identities to accelerate issuance, and apply granular roles and delegated administration. The service enables digitally signed emails to counter spoofing and phishing, and supports encrypting email content in transit and at rest across popular mail clients.

Key Features

Centralized certificate lifecycle End-to-end management from one account.

• Issue, renew, reissue, and revoke S/MIME certificates organization-wide
• Monitor activity with robust reporting

Pre-vetted identities and rapid issuance Accelerate deployment with prior validation.

• Company identity and domain ownership vetted once
• Instantly issue email certificates containing vetted information

Enterprise governance Control at scale with least privilege.

• Granular user permissions for roles and privileges
• Delegated administration within the enterprise

Security controls for email Assurance against spoofing and data exposure.

• Digitally signed emails to counter phishing and spoofing
• Encrypt emails for protection in transit and at rest; E2EE supported

Broad client compatibility Deploy across existing environments.

• Compatible with all popular email clients

Benefits

Stronger email authenticity and confidentiality Reduce phishing risk and protect content.

• Digital signatures verify sender and detect tampering
• Encryption safeguards sensitive messages in transit and at rest

Faster, lower-effort rollout Shorten time to value and simplify operations.

• Pre-vetting enables near-instant certificate issuance
• Centralized management and reporting reduce administrative overhead

Enterprise-grade control Align with security policies and compliance.

• Granular roles and delegated admin support separation of duties
• Organization-wide visibility into certificate activity