840 - Avanan Email Security - End User Guide: Sending Encrypted Email (DLP Workflows)

Document Owner: Damian Stalls
Backup Owner: Josh Miller
Last Verified: 2026-05-18

OVERVIEW

Some organizations use Avanan Email Security DLP (Data Loss Prevention) to detect sensitive information in outbound email. When sensitive content is detected, your email will either be blocked or delivered as encrypted, depending on your organization’s policy.

PURPOSE

  • Explain what happens when DLP detects sensitive information in an outgoing email
  • Explain the two most common DLP encryption workflows you may see
  • Explain what to do if you cannot send, resend, or confirm delivery

WHO THIS IS FOR

  • End users sending email outside the organization (external recipients)
  • End users who receive a message that their email was blocked due to sensitive content
  • End users whose emails are automatically encrypted due to policy

WHAT TO DO

Step 1: Know which workflow your organization uses

Your organization will typically use one of these workflows when sensitive content is detected:

  • Workflow A (Blocked → Resend Encrypted): your email is blocked and you are prompted to resend it as encrypted.
  • Workflow B (Allowed → Automatically Encrypted): your email is allowed but delivered as encrypted.

Step 2: Workflow A — Email is blocked, then you resend as encrypted

  • If sensitive content is detected, your email may be blocked.
  • You will receive a notification and can choose to resend the message securely as an encrypted email.

[NEEDS INPUT: Provide the exact button/link text users click to “Resend Encrypted” (and a screenshot) for your standard configuration.]

Step 3: Workflow B — Email is allowed and delivered as encrypted automatically

  • If sensitive content is detected, the email is secured using Avanan Encryption.
  • The external recipient receives a secure email notification and must authenticate to view it.

If your recipient asks how to open the encrypted email, send them: 850 - Avanan Email Security - End User Guide: Encrypted Email Access (External Recipients)

Step 4: What the external recipient experience looks like (high level)

  • The recipient clicks a secure link from the notification email.
  • If a link expires, the recipient requests a new link.
  • The recipient receives an authentication code by email and uses it to open the message in the secure portal.

WHEN TO CONTACT SUPPORT

  • You believe a message was blocked incorrectly and you cannot resend as encrypted
  • You resent an email as encrypted and the recipient cannot open it
  • You need to send sensitive information but are unsure what method your organization requires

When contacting support, include:

  • Recipient email address
  • Subject line
  • Approximate date/time you attempted to send
  • Whether you saw “blocked” behavior or “encrypted automatically” behavior
  • Any screenshots of the notification you received

IMPORTANT GUIDELINES

  • Do not email sensitive information to the wrong recipient. Double-check addresses before sending.
  • If your message is blocked, do not attempt to work around it by moving sensitive content to unapproved channels.
  • If an external recipient shares an authentication code request or secure link issue, direct them to the external recipient guide.

ALSO PUBLISHED AT

Support Portal (Knowledge Base): https://support.complete.net → Knowledge Base → Avanan Email Security
Public KB: https://help.complete.net/m/AvananEmailSecurity/