Skip to content.
|Networking government in New Zealand.
You are here: Home » Services » SEEMail

SEEMail

Key Documents

Note: A related secure email initiative, SecureMail, is developing a way to send secure email over the Internet between government, business and people.

Overview

The SEEMail environment is designed to facilitate the exchange of email and attachments using the Internet. This system is capable of protecting public domain information and information classified IN-CONFIDENCE, SENSITIVE and RESTRICTED. SEEMail is not to be used for information classified CONFIDENTIAL, SECRET or TOP-SECRET.

The environment is formed by each SEEMail agency deploying an accredited secure e-mail gateway that signs and encrypts sensitive messages sent between other SEEMail agencies using S/MIME (Secure Multipurpose Internet Mail Extensions) techniques.  The system is currently in use by over 50 Government agencies [* password protected: Login | register for access]

SEEMail overview showing how messages are sent through gateways

(Note: The e-mail gateway is typically behind the agency's firewall - not shown in this diagram)

Once the e-mail is decrypted at the gateway, the receiving agency is responsible for the proper handling and use of the information, as dictated by the Security In Government Sector (SIGS) manual issued by the Department of Prime Minister and Cabinet and the New Zealand Security Information Technology (NZSIT) standards issued by the Government Communications Security Bureau (GCSB).

SEEMail Assurances

Used appropriately SEEMail provides the following assurances:

  • The Recipient in a SEEMail agency can be highly confident that:
    1. The e-mail message is from the member agency as claimed.
    2. No one outside the agency has read the message.
    3. No one outside the agency has altered the message.
  • The Sender in a SEEMail agency can be highly confident that:
    1. The sensitive e-mail message can only be read by (the agency of) the recipient.
    2. No one outside the agency can read the message in transit.
    3. No one outside the agency can alter the message.
  • Each SEEMail agency can be highly confident that:
    1. Sensitive e-mail messages cannot be inadvertently sent to non-SEEMail agencies.
    2. All e-mail traffic between SEEMail agencies is secured.
    3. All e-mail traffic between SEEMail agencies authenticates the sending agency.

Important: S/MIME currently sends "To:", "From:", and "Subject:" fields unencrypted.

All SEEMail users should consider the risk of traffic analysis (unknown people reading the "To:", "From:" and "Subject:" fields) while the e-mail is in transit.

 

Read more Frequently Asked Questions.