Tag: Business Continuity

05 May 2020

A Realistic Look at Email Security

Like any locked door, chest or vault, some things can be more secure than others. Enterprises need to know where and how to apply email encryption for maximum data protection. 

While some email data security products may offer a built-in encryption feature as part of a larger bundle, there are extensions you should consider that further protect your brand, business and customers.

Here are some ways to add some more muscle to your email data protection efforts:

Covers every scenario

Whether you’re sending millions of e-statements or just sending a sensitive document, not every encrypted message is the same. Look for an encryption platform which offers a customizable user experience for both senders and recipients. People do not come in a one-size-fits-all version.

Personalization

If your organization operates internationally, there’s a high chance that English might not be the mother tongue of some of your customers. Offering encrypted communications in the language of your users helps eliminate confusion and is just good customer service. With Echoworx OneWorld, for example, you can set language policies which can automatically be applied to encrypted communications based on sender, brand, locale or receiver attributes.

Keep email protection simple

Encryption may be hot but the use of it still isn’t. Echoworx found that only 40 per cent of organizations who have encryption capabilities are actually using them throughout their organization. Making data protection in email a consistent path of least resistance is a good non-intrusive way of getting everyone, inside and outside, to communicate securely.

More secure ways to send emails

With traditional secure message delivery, where TLS is used, if a TLS connection isn’t available or supported at the receiving end, there are only two outcomes: receiving an error or sending a message unprotected. Supporting multiple secure delivery methods offers effective fallback options – ensuring sensitive information is always able to be sent and is never sent unprotected.

Prevent unauthorized access

While a one-time-password encryption method is secure, the password itself is only as secure is where it is sent. In other words, if both the one-time-password and the encrypted message are sent to the same mailbox, there’s a lot of trust being put into the security of a recipient’s device or email inbox. A natural solution to this issue would be to send the password to the sender, who can then communicate it as they please to the recipient.

By Derek Christiansen, Engagement Manager, Echoworx

01 May 2020

The Importance of a Consistent Encryption Experience

 The adoption of new technologies only truly takes hold when people actually use them – particularly when it comes to cybersecurity solutions.

The cybersecurity benefits that come with encryption can only be realized when the encryption experience is consistent—for your employees, your customers and your partners.

Protection needs to reflect your digital workplace realities

In many organizations, today’s digital workforce include employees scattered across the globe, working from anywhere at any time and with any device.

  • Mobile employees, who expect to work from anywhere via any device
  • Evolving security demands of clients, partners and vendors
  • Zero trust policies for business risk and disruption
  • Controlling data after it leaves the organization, while ensuring it only reaches intended recipients
  • Cybersecurity threats – both of internal and external origin
  • International privacy laws, such as the General Data Protection Regulation (GDPR), which dictate business processes.

 

At any given time, employees are accessing secure information from their desktop and mobile devices, on or off the company network. Even the reality of business travelers accessing secure documents—while on the road, without reliable access to the Internet —presents a data protection problem.

This new digital workforce makes it difficult to implement a consistent email data encryption experience because there are many user types, each with different needs. A one-size-fits-all solution may sound like heaven but is unlikely to provide a friendly experience when offered to real people in real world situations.

Must-have security extensions for encryption 

Security administrators must balance user-experience with airtight data protection and—much like a tightrope walker—when these features are unbalanced, the risk increases exponentially.

While an included encryption solution might seem simple, it doesn’t always provide the right balance of security and usability. An bad user experience can lead to frustration and open the door to workarounds. A recent Echoworx survey found that only 40 per cent of organizations that have encryption capabilities actually use them across the business.

Pairing your current solution with encryption extensions gives you the opportunity to innovative – offering consistent data protection that reflects your workforce realities.

Look for an encryption extension that:

  • Has a flexible platform that can quickly integrate and adapt to any environment.
  • Provides policy-based support of multiple brands and languages, based on organization, sender and recipient attributes.
  • Keeps email protection simple for people who are not heavy technology users which promotes adoption for senders and recipients.
  • Is designed for high volume messaging capabilities—to meet enterprise-level demands.
  • Offers a variety of secure delivery options, including fallback options, so that all messages are protected.
  • Provides full value for investment.

 

It’s all about the customer experience

An organization with offices around the world can use Echoworx’s OneWorld encryption platform to deliver a consistent brand, domain and user experience regardless of where the sender or recipient is located.

You may wonder how this works. The platform supports 26 languages and uses organizational attributes to personalize and dynamically brand outgoing encrypted messages by logo, division or location. These rules are set up during implementation and based on business use cases.

If you take advantage of branding and language preferences, your clients will consistently see that the secure message originated from a reputable source — your organization—and that it isn’t spam. This approach helps you build trust with customers. Encryption is so intertwined with client trust, satisfaction and retention, it’s now a business necessity.

But it’s a business necessity that pays for itself.

At Echoworx, protecting email is all we do, and we do it consistently. Our OneWorld encryption platform and cloud security services are an extension to existing security programs, providing a wide range of communication options.

By Derek Christiansen, Engagement Manager, Echoworx