A system includes a server equipped to generate a split encryption key having at least a first key portion and a second key portion, that is used by the server to encrypt at least a portion of a message. Additionally, the first key portion of the split encryption key is retained by the server, while the second key portion of the split encryption key is delivered to a sending client and is discarded from the server. The sending client in turn provides the second key portion to one or more recipients of the message to facilitate recipient access to the message.