Categories | XQ Message Forum

Categories | XQ Message Forum — XQ Message Forum https://community.xqmsg.com/ Sun, 12 Apr 2026 23:11:44 +0000 en Categories | XQ Message Forum — XQ Message Forum Installing the XQ FIPS Helper Application for Windows https://community.xqmsg.com/discussion/155/installing-the-xq-fips-helper-application-for-windows Sat, 04 Feb 2023 19:47:46 +0000 CMMC Sarah Sanders 155@/discussions This article provides steps for installing XQ’s FIPS Helper Application for Microsoft Edge and Chrome browsers on Windows machines. The following steps are intended to be performed by an administrator.

Note: This article uses steps and screenshots from Windows 11. Directions may differ slightly on older versions of Windows.

Bypass Windows Real-Time Threat Protection

To ensure the FIPS Helper installs correctly, you must create an XQ Directory that bypasses Windows Real-Time Threat Protection. Refer to the following steps to get started: Step 1: Create an XQ Directory folder in your Local Drive. Windows File Directory

Step 2: Drag and drop the Install Fips Helper.exe executable into the XQ Directory you created in Step 1. Executable file in the XQ Directory

Step 3: On your Windows machine, go to Start and click Settings. Step 4: Select Privacy & Security and click Searching Windows. Windows Privacy & Security settings page

Windows Privacy & Security settings page

Step 5: On the Searching Windows page, click the Add an excluded folder button. Add excluded folder button

Step 6: In the Select Folder window, locate and double-click the XQ Directory folder you created in Step 1.

Prerequisite Installation

Before installing the FIPS Helper Application, you must ensure you have the Visual C++ Redistributable for Visual Studio 2015 application downloaded on your Windows machine.

Note: If you already have Visual C++ Redistributable for Visual Studio 2015 installed, you can skip this step.

Step 1: Navigate to https://www.microsoft.com/en-gb/download/details.aspx?id=48145, select the language of your choice, and click Download. Step 2: Select the vc_redist_x64.exe option and click Next. Step 3: Run the vc_redist.x64.exe executable and follow the prompts to finish the installation. Double-click the Install Fips Helper.exe executable. Step 4: You will be prompted “Do you want to allow this app from an unknown publisher to make changes to your device”. Click Yes. Step 5: Click Install and follow the installation prompts. Ensure the Open Chrome Extension Folder checkbox is checked before clicking Finish.

Install FIPS Application on your browser

Microsoft Edge

Step 1: Launch Microsoft Edge and click the horizontal ellipsis at the top right-hand corner of your browser. Step 2: In the drop-down menu, select Extensions and click Manage Extensions. Microsoft Edge browser window

Step 3: On the Extensions screen, toggle Developer mode to On. Microsoft Edge Extensions settings page

Step 4: Several hyperlinks will appear at the top of the screen. Click Load Unpacked.

Step 5: Locate and open your XQ Chrome Extension folder. By default, this is located at C:\Program Files\XQ Message Inc\Chrome Extension. Step 6: The XQ Native Bridge extension should now appear in your Installed Extensions.

Google Chrome

Step 1: Launch Google Chrome and click the vertical ellipsis at the top right-hand corner of your browser. Step 2: In the drop-down menu, select Settings and click Extensions.

Step 3: Enable Developer mode by clicking the toggle and then clicking Load unpacked.

Step 4: Locate and open your XQ Chrome Extension folder. By default, this is located at C:\Program Files\XQ Message Inc\Chrome Extension.

Note: Ensure the XQ Chrome Extension folder added in Step 4 is moved directly from your local drive to Chrome. If you move the folder to another location before adding it to Chrome, the installation will not work.

Step 5: The XQ Native Bridge extension should now appear in your Installed Extensions.

Install the Outlook or Google Chrome Secure Email extension

To ensure your email client is CMMC compliant, you must install either the Outlook or Google Chrome Secure Email extension. Navigate to the CMMC Email Deployment Guide for next steps. ]]> CMMC Email Deployment Guide https://community.xqmsg.com/discussion/150/cmmc-email-deployment-guide Thu, 19 Jan 2023 22:26:23 +0000 CMMC Sarah Sanders 150@/discussions Federal Information Processing Standards Publication (FIPS) security standards. FIPS are standards and guidelines for federal computer systems established by the National Institute of Standards and Technology (NIST). These standards ensure the security and reliability of information technology (IT) products and services used by the government. FIPS standards must be met to ensure CMMC compliance. This guide provides steps for deploying XQ's email extensions for CMMC users. If you are not a CMMC user, view our standard user How-to guides.

Deployment steps

The following steps are intended to be performed by an administrator. Administrators must set up XQ Vault and Email in a specific way that meets CMMC compliance. Step 1: Create an XQ account and add all team members. Step 2: Ensure all team members use a Chromium-Based browser. Chromium-Based browsers must be used because they are FIPS-compliant. Other browsers may not be FIPS-compliant and will not meet CMMC requirements. We recommend using Microsoft Edge or Google Chrome. Step 3: Install the XQ FIPS Helper Application on all team members' Chromium Based browsers. XQ's FIPS Helper Application is a CMMC-compliant software tool used to implement FIPS 140-2 standards for cryptography. It works by providing additional functionality to a system that verifies that the cryptographic module used on your team's machine is FIPS 140-2 compliant. Installing the XQ FIPS Helper Application involves adjusting your Windows machine's Privacy & security settings, downloading necessary prerequisite applications, and installing the FIPS Helper Application on your browser. See Installing the XQ FIPS Helper Application for Windows for installation steps. Step 4: Install the XQ Desktop application on all machines team members will use. Step 5: Install either the Chromium Gmail Extension or the Outlook Add-In on all team members' machines. You can also install the Outlook Add-In for your whole Microsoft 365 Group at once. If you are installing the Outlook Add-In, we recommend installing Outlook as a progressive web app (PWA) in Microsoft Edge or Google Chrome. With the Outlook PWA, you can pin and launch the web version of Outlook from your computer's home screen or taskbar and access your account while you're offline. This provides the look and feel of Outlook's desktop application, but is still CMMC compliant because it runs off your Chromium-Based browser. For instructions on installing Outlook as a progressive web app, see Use the web version of Outlook like a desktop app. Step 6: Turn on CMMC mode in your XQ Email settings. Step 7: Ensure users are signed in to either the Gmail or Outlook extensions with the correct team. Step 8: Create Data Loss Prevention And Data Access Control Policies.

Warning: Team members cannot use the Outlook desktop application, mobile applications, or mobile browsers because they are not Chromium Based, therefore they are not compliant.

]]> CMMC 2.0 Onboarding and Installation https://community.xqmsg.com/discussion/149/cmmc-2-0-onboarding-and-installation Tue, 17 Jan 2023 15:13:22 +0000 CMMC Sarah Sanders 149@/discussions This article provides onboarding resources and installation steps for Secure Email and Vault to help you get started.

Onboarding resources

Contact Support

The XQ support team is dedicated to helping you troubleshoot issues, providing resources, and answering any questions you may have about the platform.
See How to Contact Support for more information on the types of support we offer and tips for contacting support.

Installing XQ and setting up Secure Email

XQ’s end-to-end email encryption streamlines your preparations for CMMC. XQ’s Secure Email solutions cover NIST security requirements and uses CMMC-compliant processes to protect CUI. Using XQ Secure Email, your data is encrypted before it leaves your device and moves to the cloud, making it easier to meet data privacy and compliance obligations. Use the following steps to install XQ and set up Secure Email: Step 1: To get started, you must create an XQ account and log in to your XQ Dashboard. See How to Log In to the XQ Dashboard for instructions. Step 2: After logging into your XQ Dashboard, we recommend creating team members. See Creating and Managing Teams for instructions. Step 3: After logging in and creating team members, you are ready to install Secure Email on your email client. Installation steps differ depending on the email client you use. To meet CMMC compliance requirements, you can use Secure Email with either Outlook or Gmail.

Outlook

Outlook users can install Secure Email using XQ's Secure Outlook Add-In. Using the Secure Outlook Add-In, users can encrypt messages and attachments directly from their Outlook account. This installation method must be completed on each account individually.
Outlook users can also install XQ's Secure Outlook Add-In for their entire Microsoft 365 Group. This installation method is suitable for integrating XQ into your whole team's Outlook email accounts.

See the CMMC Email Deployment Guide to get started.

Gmail

Gmail users can install Secure Email using XQ's Chrome Extension. With the Chrome Extension installed, users can encrypt messages and attachments directly from their Gmail accounts. See the CMMC Email Deployment Guide to get started.

Deploying Vault

The XQ Vault allows you to store CUI on your own infrastructure and track who accesses it. Vault helps you meet CMMC requirements in the following ways:

Protect each file with its own separate quantum-resistant encryption and keep it stored on your cloud
Store your data in a desktop folder synced to the floud
Use XQ's no size limit rule to store larger amounts of data at a fraction of the cost of other services
Track and audit every interaction with your data in one place

To use Vault, you must have an administrator deploy the product and have end-users log in to the product. Once end-users log in, they can use Vault to easily store CUI securely on your cloud. Use the following two guides for Vault deployment:

Vault Deployment for Administrators - View the administrator deployment guide attached to this article.
Vault Deployment for End-Users - View the end-user deployment guide attached to this article.

Best practice recommendations

The following best practices are recommended to enhance your data protection measures and avoid user error when using Vault.

Configure a default download folder

We recommend updating the default download folder on your end users' browsers to their Vault folder. This ensures that any files downloaded from their browser are encrypted using the Vault. This best practice recommendation can reduce user error and automate encryption processes. Use the following guides from Google and Microsoft to update the default download folder on your end users' browsers:

]]> Understanding CMMC 2.0 and XQ - Start here https://community.xqmsg.com/discussion/148/understanding-cmmc-2-0-and-xq-start-here Sat, 14 Jan 2023 16:59:03 +0000 CMMC Sarah Sanders 148@/discussions CMMC 2.0 (Cybersecurity Maturity Model Certification Level 2) is a Department of Defense (DoD) framework that applies to Defense Industrial Base (DIB) contractors. This certification aims to improve cybersecurity and ensures DIB contractors are equipped to protect sensitive government data.
This article provides an overview of CMMC and information on how XQ can help to prepare you for CMMC.

Overview

The Department of Defense (DoD) has created CMMC Level 2, a program aimed at enhancing supply chain security and defending against cyberattacks. By 2025, this framework will be mandatory for all contractors within the Defense Industrial Base (DIB). To receive the CMMC Level 2 Certification, contractors must follow 110 security requirements specified in NIST SP 800-171 Revision 2 and comply with DFARS Clause 252.204-7012. This certification focuses on safeguarding controlled unclassified information (CUI). Contractors must pass a CMMC Third-Party Assessment Organization assessment every 3 years to prove to the DoD their ability to secure CUI based on its risk throughout the supply chain. The CMMC Level 2 requirements are divided into 14 domains and 110 practices, with 320 assessment objectives in total. These practices involve both technical and non-technical controls, policies, and procedures to ensure ongoing CUI security. These practices include the use of FIPS-validated cryptography and having a System Security Plan (SSP) in place. The complete list of required practices can be found in the CMMC Level 2 Assessment Guide.

XQ and CMMC

XQ’s products cover NIST security requirements and facilitate CMMC practices and processes that protect CUI. XQ helps streamline your organization’s preparations for CMMC by protecting CUI from unauthorized access throughout its lifecycle and providing auditable event logs of all communications. XQ helps to prepare you to meet CMMC Level 2 requirements in the following ways:

Protect unauthorized CUI access in Gmail and Outlook with XQ Encrypted Email.
Protect CUI in Secure Chat from unauthorized users.
Protect CUI collected in Secure Forms from access by unauthorized users.
Protect cloud data, including files, from access internally and by external primes, subcontractors, agencies, and other mission partners with XQ Vault.
Support remote workers and distributed teams throughout supply chain collaboration workflows.

For more information on using XQ to prepare for CMMC or to schedule a demo, see our CMMC compliance page.

Get started

See our CMMC Onboarding and Installation guide to get started.

For more information on CMMC, view the following XQ blog posts:

]]>