Painless email encryption.
Just [wrap the subject in brackets] and send. Bracket handles everything else—no passwords, no apps, no friction.
What makes Bracket better?
Encryption was a pain
Install this app. Create an account. Don't forget another password. The steps pile up until someone decides it's easier to just send a normal email. So they do.
So we fixed it
Bracket was built around one idea: encryption should feel like sending any other email. We removed the complexity, kept the security, and never looked back.
The payoff for MSPs
When encryption is this easy, people love using it. Compliance happens naturally, sensitive data stays where it belongs, and password reset tickets disappear.
Finally, email encryption that works for everyone
Bracket the subject
Wrap the [subject] in brackets to encrypt. That's the only thing anyone needs to learn.
Compose the message
Write the email content from your go-to email client and device. With Bracket, you don't have to choose.
Send securely
Hit send. Bracket intercepts the message in transit and encrypts it automatically.
Effortless on arrival
Recipients access encrypted messages through a secure link delivered straight to their inbox. One click and they're in—no account and password creation required.
Links expire in 15 minutes, work only once, and are locked to the device that requested them so there's no sacrificing security for usability.
Send files the same way you send encrypted email
Included with every Bracket license is our encrypted file transfer service, Bracket Share. Users get their own personalized file transfer page with a customizable Share link that's easy to remember and distribute.
Personalized invites
Send personalized invites with a profile attached so recipients feel more confident about sharing sensitive data.
Open to all, secured by design
Anyone can share encrypted files via your link. All senders are validated with inbox authentication to prevent abuse.
Arrives in the Bracket inbox
Encrypted files—up to 1GB, 25 files per share—show up in the Bracket inbox just like regular messages.
Encryption is just the baseline
Bracket sets a higher security standard with protections traditional email encryption simply can't match.
Device Fingerprinting
Access links are tied to the originating device. Attempts from other devices are automatically blocked.
One-Time Links
Sign-in links expire after 15 minutes and can only be used once, preventing reuse from old messages.
Personal Data Key
Users can require a personal data key at sign-in for a zero-access boundary when circumstances require.
Key Management
Keys are geographically distributed and automatically rotated, eliminating single points of failure.
Multi-Factor Authentication
Users can enable multi-factor authentication at sign-in for an extra layer of identity verification.
AES-256 Encryption
All messages and files are encrypted using AES-256, keeping data unreadable in transit and at rest.
Your encrypted messages, always within reach.
The Bracket inbox opens in any browser on any device, giving you a clean, organized view of every encrypted conversation.
Loved by MSPs. Loved by users.
There's no encryption platform that's easier to use than Bracket. We love the ease of setup and not having extra management steps. And users love the simplicity too.
The best part of Bracket is that it solved our biggest headache with encrypted email. Even our most challenging clients can use it without calling us every time.
The end user training is literally dummy proof. You simply throw brackets around the subject. We also love that Bracket includes secure file transfer at no cost.
Frequently Asked Questions
How do I trigger Bracket to encrypt a message?
Bracket will trigger by default anytime there is a square bracket in the first value of the subject and a closing square bracket anywhere else in the subject. For example:
[Bracket works great]or[Bracket works] great—encrypts.Bracket is [not working] for me—doesn't.
The subject rule trigger can also be changed to {curly} or |pipes|.
What do senders and recipients need to get started?
Nothing. Senders use whatever email client and device they prefer. No apps, plugins or passwords are required. The Bracket portal opens in any browser, providing a clean and organized view of every encrypted conversation. Recipients access encrypted messages through a secure link without having to create an account, so there’s no friction on either end.
If there's no password, how is it secure?
Password reset emails are one of the most exploited attack vectors, and a source of a lot of support tickets. Bracket eliminates both obstacles. What replaces them is more secure, not less. AES-256 is just the beginning.
Sign-in links are one-time-use, expire after 15 minutes, and are invalidated if opened from a different device. Each request also carries an IP-based geolocation signature to flag unexpected access attempts.
For extra security, users can enable MFA at sign-in. For maximum control, personal data keys create a zero-access boundary. Note: personal data keys are shown only once at setup and never stored by Mailprotector. If they are misplaced, account recovery requires a full reset and all previously stored data will be irrecoverable.
Is Bracket HIPAA compliant?
Yes. Bracket meets HIPAA technical security safeguard standards for secure transmission of Electronic Protected Health Information (ePHI). Mailprotector holds the HIPAA Seal of Compliance from the Compliancy Group and is also SOC 2 Type 2 certified, providing independent verification of our security practices.
How long are Bracket messages retained?
Bracket messages are stored for one year by default and cannot be extended beyond that in accordance with the compliance retention requirements for most industries. For retention beyond one year, Bracket supports journaling to Mailprotector’s SecureStore™ or a third-party archiving service via SMTP journal or BCC addresses. Expiration can also be shortened on a per-message basis.
What email security solutions does Bracket work alongside?
Bracket is available as a standalone email encryption solution. For Microsoft 365 environments, it can also be deployed without changing MX records.
However, Bracket works best as part of the Mailprotector ecosystem. If you have configured your outbound relay through CloudFilter™, there’s no additional work to enable Bracket. Simply switch it on.
With Shield, Bracket becomes part of a deeper outbound security workflow via Email Traffic Control. Messages containing sensitive content can be automatically encrypted, adding a powerful layer of DLP at a fraction of the cost of a Microsoft E5 license.
Can Bracket be personalized?
Yes. Admins can configure a company profile—name, address, phone, website, and logo—that appears in Bracket notifications sent by any licensed user in the organization. This makes messages more recognizable to recipients and verifies the sender is authentic. Individual users can also personalize their own profile with a photo, name, and title. Admins control whether users can adjust company details from their own portal settings.
Every Bracket notification and message also includes a prompt for unlicensed recipients who may want to learn more about using Bracket in their own company. Those inquiries route to an email address you control—giving you a warm lead from someone who has already experienced Bracket firsthand.
Ready to see painless email encryption in action?
Get a personalized walkthrough and bring your questions. We can’t wait to show you email encryption that actually gets used. Your bottom line will thank you.