FAQ

Here are the most common frequemtly asked questions asked about our data exchange suite and services. If you can’t find an answer to your question, please contact us.

General FAQ

DOQEX Data Exchange Suite is a set of powerful security and auditing tools comprising:

  • Secure Email Gateway
  • Secure File Sharing
  • Project Spaces
  • Data Loss Prevention
  • Workflow & Business Integration
  • Secure Inbound Email (Coming Q3 2024)


Together, these tools add a high level of security protection and auditing for organisations wishing to communicate and share data and intellectual property within and without their borders.

No need. You can freely use any or all of our services as you like without restriction. We price our services on consumption (data operations). 

DOQEX services are priced according to tiers of DataOps.

Delivering the DOQEX Data Exchange Suite to you consumes infrastructure, compute, network and human resources (consulting, support and development personnel). This is what you pay for.

Our Service Agreement with you will include a ‘commitment to consume’ – i.e. you pay for a certain amount of DataOps per month.

If you consume more, no problem, we do not throttle the service. We never turn a user away. We never stop securing messages because you are having a busy quarter. 

Should you exceed your contracted usage (by no more than 25% in any 90-day period) that’s fine. Above this, we’ll contact you to identify the right consumption tier.

The primary reason DOQEX provides a managed service, is to ensure that once set up, your service runs efficiently and effectively at all times.

If you wish to manage the DOQEX data exchange suite yourself, whether wholly or partially, you can do so. Ultimately, we are always available to help you get the most from your service. In our experience, most customers appreciate the additional support to manage adds, moves and changes.

The second reason, is we believe we provide a better and more valuable service to our customers, who would otherwise be left to do the management themselves and have access to a limited support desk.

We reward customer loyalty. When you take out a multi-year contract or have been with us for 2+ years, you automatically qualify for DOQEX rewards & benefits.

These rewards change from time to time, but typically include free security & technical consultancy, out-of-scope support and even new feature/function development.

Secure Email

No need. Users don’t need to download or install anything. Reading and replying to messages is done via your DOQEX private securemail portal. Messages are consumed and processed by the DOQEX securemail gateway.

By default, you send an email in the same way you have always done. Security is automatic.

This is because the security processing is set via policy triggers by the admin team.

As organisations often have different policies and procedures, we recommend you talk with us to explore the best options for you.

To read secure messages, recipients log in to your private securemail portal.

Portals are best served using one of your existing domains, for example: https://secure.organisation.com. Your contacts will interact with you via this portal.

Your branded portal is setup as part of the DOQEX service. All notifications and interactions within your service are tailored to support your workflows, including customisable email and sms templates.

Different authentication methods can be applied to different user cohorts along with customisable workflow pages and user instructions.

No need. Attachment processing is normally configured according to policy, therefore the workflow is usually fully automated, i.e. your users or back-office apps just send the message.

Because each DOQEX service is configured differently, we will work with you to identify and configure appropriate options and policies. We will also help you create user instructions for distribution to your organisation.

By default, every user can recall their own emails.

Depending upon your setup configuration, you may require authorisation or action by a team manager, service desk manager or administrator.

No. PGP requires a key exchange with someone you already know (and have a trusted out-of-band comms channel with).

DOQEX protects workflows between anyone, even if you’ve never been in touch with them before.

No need. Most DOQEX users never need to download or install anything. DOQEX does however have an MS Office plugin which can be used to enable Securemail and File Sharing actions directly within MS Word, Outlook, Excel, PowerPoint.

Yes. DOQEX interoperates seamlessly with Exchange or EOL.

Setup is fast and we provide detailed instructions for administrators.

We can also provide powershell scripts or a DOQEX engineer to assist. Talk to your account manager or raise a ticket for more details.

Yes. DOQEX can stop viruses and other malicious payloads that are present in your messages.

DOQEX can also filter inbound messages for spam, phishing and other malicious activity.

Yes. DOQEX is designed to play nicely with other email service providers.

Whether they are adding signatures, banners, scanning for malicious payloads or unauthorised content our policy at DOQEX is to be fully interoperable with your other providers.

From Authy and APIs to Radius and YubiKey, we support the majority of authentication methods.

If there is an option we don’t currently support, let us know and we’ll add it.

Yes. As well as LDAP auth, DOQEX supports SSO via an IdP (such as Okta) using SAML or OpenID connect via the OAuth2 framework.

Yes. Documents available for viewing can have a watermark embedded.

The watermark is configurable and can include custom text as well as identifying data such timestamp, agent stamps, IP, etc. Watermarks are vital to protect against data exfiltration by users with cameras or screenshot tools.

Any device with a modern, standards compliant browser is compatible with DOQEX.

If you have immutable legacy devices or browsers in your mix, please speak to us, we’ll be happy to examine interoperability support.

All data is located within the UK. London by default.

We can also offer locations in Cambridge and the EU including The Netherlands, Germany and Belgium.

DOQEX server nodes are built by us from bare metal upwards. We can guarantee exactly where your data resides, down to the rack number, floor number and postcode. The same applies to backups.

You decide.

As part of our on-boarding process, we will configure TTLs for messages, attachments, metadata, audit trail and backup data.

All data TTLs are under admin and policy control.

Secure File Sharing

No need. Any device with a modern, standards compliant browser is compatible with DOQEX. Users don’t need to download or install anything.

Contacts interact with your private data exchange portal

Your portal is created as part of the DOQEX service and is branded and configured to serve your workflows.  By default your portal is served via one of your domains, e.g. https://secure.yourorganisation.com

Via automated policy.

Everything from access rights to retention periods, TTLs, download limits, password formats and data sharing agreements are automatically set via policy (set by admin).

With unlimited user cohorts, you can define and retain complete control over the data rights and interoperability between office staff, remote workers, partners, suppliers and customers.

DOQEX fileview deploys two primary security methods:

Firstly, customisable watermarks can be embedded in every file. By default this includes a timestamp, URL, IP, agent string and device ID but admins can define their own watermark content.

Secondly, fileviewing uses a seperate in-memory decryption vault for each file. Each vault decrypts and buffers a small section of each file before streaming it to the browser. After each view the file vaults and encryption keys are scrubbed, no decrypted data ever touches disk.

Yes. Admins select if (and how) folders can be shared.

By default, child folders and file data cannot be shared, viewed or downloaded.

Version control is fully configurable.

By default, files are matched by filename but may also be matched by hash or MIME type. Admins select how duplicate files are handled included renaming and extension rewriting.

Yes. In practice, the majority of DataOps amongst DOQEX data exchanges are collecting and managing inbound data.

Data uploads can be initiated in many ways including by a user, via a project workspace, published in workflow form, generated by back office systems via an API call, added by a contact via sFTP or embedded in an email.

As long as necessary.

However, every data object has an expiry date. Expiry dates are set by policy and you control what those are, who can change them, when and by how much.

To prevent indefinite and uncontrolled data retention expiry dates are compulsory in DOQEX.

As long as necessary.

However every share has an expiry date. Expiry dates are set by policy and you control what those are, who can change them, when and by how much.

To prevent accidental or uncontrolled data loss share expiry is compulsory.

Yes. DOQEX provides multiple RESTful(ish) APIs.

The DOQEX API playground contains reference code and implementation examples for a huge range of endpoints.

The DOQEX devOps team will work directly with you to quickly scope, develop and test functionality so you can quickly extend that back-office app or extract audit logs for your SIEM service.

Yes. DOQEX is Microsoft AIP aware. Data flows across your DOQEX service can be scanned for classification data. Configurable actions are set within the DLP engine.

DLP functionality can be enabled for data flows.

DLP policies are configured within the DLP engine allowing inspection, quarantine options and range of customisable alerts.

Yes. Data flows can be passed to the in-built AV/AM engine for inspection.

Configurable actions include bounce, quarantine options and range of customisable alerts. The API interface also allows AV/AM scanning to be built into your applicatoin allowing fast call-back results.

Yes. Every email and SMS message sent by DOQEX is customisable.

There are a wide range of notification options which can be applied to different user cohorts, options include immediate, digest and scheduled notifications.

Project Spaces

The main difference is that a Project Space is an area that is controllable by the Project Manager and not the IT administrators. You can create any number of Project Spaces – controlling who can join and how the individuals can interact with the folders and data in that space.

Simple. Once you have access to the Project Space portal, it’s as simple as clicking a button to request a project space. You can then quickly add users and grant them appropriate access rights.

Invited users will be notified by email once they are added. You can select the appropriate authentication methods for your collaborators. Choose passphrases, tokens via SMS, single use links, AD sync/auth or a published standard like SAMLv2 or OpenID.

It’s up to you. You can set your own expiry date on each Project Space. 

You can set permissions right down to the individual user and folder level. Alternately, you can set project wide permissions.

You can control the rights to edit, share, view, create sub-folders, storage & file size, file locking, deleting and moving data.

Data Loss Prevention

Data Loss Prevention (DLP) is a set of steps designed to detect and secure important business data and intellectual property from unauthorised access, breaches and malicious attacks. This service is mainly focused on email, which is the primary source of data leaks and loss.

Email is one of the most common sources of data loss and leaks. From emails being accidentally addressed to the wrong person, to communications sent with sensitive attachments, to data sent by bad actors, email is one of the most vulnerable parts of your security posture.

A leading cause of data loss & breaches is the human factor:

  • Employees who get caught out by phishing attempts
  • Unhappy e,ployees
  • Individuals who accidentally delete emails that legally need to be preserved
  • Communications that result in sharing sensitive data and information with unauthorised recipients

DOQEX helps you set up policies based on keyword inspection, document embargos, attachment protection, pattern matching, file type matching, National Insurance detection, Payment card detection and more. The service scans all outbound and inbound email to identify and block potential data leaks.

Data loss prevention (DLP) gives businesses greater corporate compliance for personally identifiable information.

Well-enforced data loss prevention policies supported by the latest data loss prevention technologies enable better monitoring of data usage and location.

DLP also helps better protect sensitive data and greatly improves data visibility.

Data Loss Prevention helps organisations prevent:

  • Loss of trust, credibility and brand reputation
  • Loss of revenue and business profits
  • Litigation as a result of breaking regulatory compliance laws
  • Loss of operational efficiency and productivity

We recommend that you carefully consider the areas of your organisation where data loss might create unacceptable risk and apply DLP to these areas..

Data loss prevention enables you to:

  • Mitigate data loss risk by seamlessly integrating with your email platform.
  • Protect your data and intellectual property against both innocent errors and malicious intent.
  • Apply relevant policies to stay compliant with corporate governance and legal rules.
  • Set detailed policies and controls for specific users and groups.

Secure Workflows

Secure workflow automation is the process of using technology to streamline and automate business processes while ensuring that data and operations are protected from unauthorised access and other security threats.

It involves integrating security measures into the workflow automation tools and protocols to safeguard sensitive information.

Secure workflow automation:

  1. Enhances efficiency by reducing manual tasks.
  2. Minimises human error.
  3. Ensures compliance with security policies.
  4. Protects sensitive data.


This leads to cost savings, improved productivity, and a stronger security posture.

Yes. Without correct configuration, data integrity can be at risk. These include:

  • Data breaches,
  • Unauthorized access,
  • Data loss,
  • Insider threats,
  • Compliance violations.


These risks can arise from poorly configured automation tools, lack of proper access controls, and insufficient monitoring.

To ensure secure workflow automation, we recommend you implement the following:

  • Strong access controls
  • Use encryption for data at rest and in transit
  • Regularly update and patch systems
  • Monitor activities
  • Conduct regular security audits
  • Train employees on security best practices.

Encryption is crucial in secure workflow automation as it protects data from unauthorised access during transmission and storage.

By encrypting sensitive information, businesses can ensure that even if data is intercepted or accessed by unauthorized parties, it remains unreadable and secure.

Yes, by ensuring that business processes adhere to industry standards and legal requirements.

Automated workflows can include checks and controls that enforce compliance policies, generate audit trails, and provide documentation for regulatory inspections.

Access controls in an automated workflow can be managed by implementing role-based access control (RBAC), ensuring that employees have access only to the information and resources necessary for their roles.

Regular reviews and updates to access permissions are essential to maintaining security.

Best practices for monitoring automated workflows include:

  • Setting up real-time alerts for suspicious activities
  • Conducting regular audits of automated processes
  • Using advanced analytics to detect anomalies
  • Maintaining detailed logs for all automation activities.

Integration can be achieved by using APIs and middleware that facilitate communication between the automation tools and existing systems.

Ensuring compatibility and security during integration involves thorough testing, following best practices for API security, and working with vendors who prioritize security.

Support and resources typically include:

  • Vendor support services
  • Online documentation
  • Community forums
  • Professional consulting services
  • Regular updates and patches from the automation tool providers.


Establishing a relationship with a reliable vendor can ensure quick resolution of any issues.

Pricing

DataOp = an operation or action upon Data.

This is a count of how much your DOQEX service gets used. A DataOp includes:

  • Uploading, downloading, moving, inspecting, quarantining a file
  • Processing an email via security policy, e.g. stripping an attachment, encrypting an email, adding a watermark, etc.


DataOps are initiated by any of the entities connected to your DOQEX service. This includes portal users, your customers, your partners, email clients, an API call, external services such as AWS, sFTP, CIFS and so on. Larger files may need more DataOps

Each DOQEX customer uses DOQEX differently. Their workflows are specific to them and their customer and partner ecosystems.

Charging according to your headcount might be simple but it’s a blunt tool and leads to uncertainty in billing and over-provisioning of licences to ensure coverage.

It makes no sense for a customer who needs to protect a back-end system sending thousands of emails a week from a single email address.

It makes no sense for a customer with 5000 staff but where 90% of them would rarely need the service.

With DOQEX, pay for what you use.

DOQEX services are priced according to tiers of DataOps.

Delivering the DOQEX Data Exchange Suite to you consumes infrastructure, compute, network and human resources (consulting, support and development personnel). This is what you pay for.

Our Service Agreement with you will include a ‘commitment to consume’ – i.e. you pay for a certain amount of DataOps per month.

If you consume more, no problem, we do not throttle the service. We never turn a user away. We never stop securing messages because you are having a busy quarter. 

Should you exceed your contracted usage (by no more than 25% in any 90-day period) that’s fine. Above this, we’ll contact you to identify the right consumption tier.

Whilst DOQEX doesn’t charge per user, it is possible to estimate your usage based on the number of users you have. As a rule of thumb, the average user uses 1 dataOp per day

Example:
1,000 users = 1,000 DataOps per day = approx. 30,000 DataOps per month

Therefore, we recommend you select 25k DataOps in the Price Estimator 

If you are still unsure, please get in touch and we’ll quickly help you understand what you will need.

None. Within reason and fair usage, DOQEX services are currently elastic.

Yes. Multiple year commitments provide:

  • a reduction in the unit price.
  • a fixed price for the term of the contract.

Yes. We can and do, especially to support ephemeral projects like mergers and migrations.

Get in touch and tell us what you need.

You don’t need to. DOQEX services are elastic, when you need to use a feature we will configure it for you.

No complex licencing. You don’t need a qualification in software licencing in order to buy a DOQEX service.

We operate on the kebab model. You can have your service with just the meat or with everything on!

You don’t need to. There are many ways DOQEX has for creating accounts but we don’t charge for them. Even if you end up with thousands of external securemail recipients it doesn’t matter.

Accounts creation can be automatic, self-service initiated, actioned by admins, by API calls or external events and triggers.

Bottom line is that everyone who needs to has access to the service. Our model is that security should not be rationed; the days where a dept is short of licences can only send securemail on a Tuesday or Thursday are over!

Yes. We love a good project so get in touch, let us know what you need to achieve it.

DOQEX is particularly good at solving legacy workflows; we understand change is hard but we’re here to help reduce uncertainty and gain the data necessary to inform your stakeholders.

Of course. Click here to get a standard account on a DOQEX branded portal.

Nothing at first. DOQEX doesn’t ration security so service limits are soft; customers make as much use of the system as they need without licence issues or the need to fret about budget.

We will be in touch if we monitor any demand outside what is expected for your service – if it’s a temporary change – no problem.

We do not limit or throttle your service usage – even if you are using more than your tier, DOQEX won’t hold you to ransom.

Of course. Get in touch and we will work out what’s suits you.

If it’s a temporary change – no problem. We do not limit, throttle or ration your service – even if you are using more than your tier, DOQEX won’t hold you to ransom.

Want to know more?

Call Us

01904 500255

Message Us