Echoworx offers multiple ways to ensure users are who they say they are – with authentication set according to policy, sender or recipient. Authenticating users can be simple, like Biometrics, where a quick tap of a finger or glance securely verifies their identity. Or, authentication can add a layer of security, like 2FA, where a user is prompted to enter a username/password combination in addition to a One-Time Password (TOTP) before granting access to an encrypted message.
More authentication options
Authentication may be set by policy, sender or recipient, and include: Full OAuth Access, Self-Registration, Shared Secret Passphrase, SSO, System Generated Verification Codes, Biometrics and Multi-Factor Authentication (MFA). This level of authentication flexibility allows more control over the access of sensitive documents and messages, including the ability to use secure passwordless options.
Guest compose messaging options for secure inbound communications
Not all customers have access to email data protection tools. That’s why Echoworx offers multiple ways for organizations to provide simple, yet secure, ways to receive inbound messages:
Guest Compose: A shareable URL enables ‘guests to compose one-off messages to a specific pre-set address.
Self-Provisioning: Allows unregistered, external users to send encrypted email messages to any address within your registered domain.
Contractual Workflow: Allows users to fill out contractual forms, save them and return completed forms in a secure manner.
Additional security assurances
2FA authentication for Administrators ensuring security and compliance regulations for PCI, SOC and WebTrust.
Support for enterprise-specific privacy notices.
Combat user enumeration with login failure messages preventing brute-force enumeration of accounts. Notify users at lockout via email.
Password dictionary checks following National Institute of Standards and Technology (NIST) guidelines.
Security practices subjected to audits covering all aspects of Echoworx including AICPA/CICA WebTrust Certification, SOC2 Audit, PCI DSS Level 1 Certification, FSQS (Financial Services Qualification System) and Microsoft and Apple Root Member Certifications.