15 Apr 2020

Goodbye Algorithms, Hello User Experience

Leading firms are revamping decades-old debt-heavy data protection technologies and processes to provide more productive experiences.

Most email data protection systems use the same encryption algorithms and specs; almost all contemporary email security products feature 2048-bit RSA encryption, 256-bit AES encryption and SHA-2 signatures. There’s nothing new about that – it should be a given.

But not all solutions designed to protect data sent through email are easy for everyone to use – and that’s where user experience scores the winning goal.

Data protection only works if we put people first

We recently surveyed IT professionals and IT decision-makers and found that, while email data protection is a priority for most organizations, fewer than half of organizations with encryption software use it extensively. This often comes down to user-friendliness; it’s nearly impossible to roll out a security feature that doesn’t integrate seamlessly into existing workflows. When searching for an email data protection solution, carefully consider the processes that come with the product and let a user-friendly secure communications experience differentiate you from the competition.

Keep email protection simple for everyone

Enterprises today are focused on flexible integration and customization – to provide more access across their entire business.

Popular with clients and staff:

  • Smooth and simple to use – Customers and employees tend to take the path of least resistance. Look for a secure communications system which makes protecting data in transit the path of least resistance. A recent Echoworx case study, for example, describes a U.K. bank instantaneously reaching its entire mortgage customer base during a time-sensitive emergency without changing the light look and feel of its regular customer communications. Communications could be sent via email as usual, with any sensitive information packaged into secure encrypted attachments.
  • Customizable preferences – For international organizations, excellent customer experience includes on-brand communications in your client’s preferred language. Did you know that 79 per cent of people take less than 30 seconds to evaluate the safety of an email? This means off-brand but legitimate secure emails from your company can easily be categorized as spam, decreasing your organization’s digital trustworthiness. Even the most secure communications should allow you to set language policies that apply automatically based on sender, brand, locale and receiver attributes.
  • More ways to send secure email – Not every business use case is the same, so you need to ensure your email data protection solution is flexible enough to adapt to different conditions. While TLS remains a primary secure method of protecting data in transit, for example, what if a TLS connection is not available? Multiple secure delivery methods provide fallback options, ensuring no sensitive message goes undeliverable or, worse, is sent in the clear. They also give both senders and recipients more choice in how they communicate with one another.

 

Popular with administrators and support:

  • More control over email security – Definable policies control which communications get protected (and how) based on message content. This is set up during implementation of an email data protection system, based on your needs and best practices, to be triggered by common message attributes such as subject, keywords, message type or recipient domains. Flexible controls for every scenario allow you to create a customized user experience for senders and recipients and stay in control of encrypted messages in transit and at rest.
  • Recall sensitive email – Whether a recipient is compromised, or a secure message is sent to an incorrect address, the ability to recall an email containing sensitive information is an important feature of any best-in-class email data protection system. Recipients should also be given the option to reply in a secure manner to any encrypted message.
  • Prevent unauthorized access – Modern non-invasive Two Factor Authentication (2FA) options can accurately verify the identity of users before they are granted access to secure information. For access to a secure message portal, for example, a user can be required to provide a Time-Based One-Time Password (TOTP) – a random single-use, time-stamped soft token issued from a third-party SaaS app installed on a user’s phone – in addition to a username and password before access is granted.
  • Send unlimited email – For large enterprise organizations, numbers of recipients for mass communications pushed to customer bases can be in the millions. When the contents of these messages contain sensitive information which must be protected, like a bank statement, existing communications infrastructure needs to be able to scale to sudden bursts in activity without being overwhelmed.
  • Get full value on investment – With the right secure communications solution, your organization can provide a user-friendly experience and save money. For example, a recent Forrester study revealed that a typical enterprise-level organization using Echoworx’s OneWorld email data protection platform can expect an ROI of 155 per cent, with upwards of $2.7M in cost-mitigating benefits and a payback period of seven months.
  • Increase organizational use – According to Echoworx data, despite over half of IT professionals and decision-makers identifying email data protection as very important, even critical, to their organizations, only 40 per cent of the same group are using encryption technology extensively. When working with a third-party SaaS provider, you gain access to their team of experts and, paired with a simple interface and clear instructions, this can mean a streamlined UX – meaning fewer calls to your help desk and more successful and widespread implementation.

 

Offer email protection to everyone

While access to secure lines of communications is essential for any business, the reasons for email data protection vary. Verizon’s 2019 Data Breach Investigations Report[1] breaks down security incidents by industry, size and concerns. Here are a few takeaways:

  • Financial services and insurance – Use MFA, including 2FA or the European Central Bank (ECB)’s ‘Strong Authentication,’ for all customer-facing applications, train your employees on how to risky exchanges of sensitive data and set up secure communication controls to reduce the risk of insider threats and other communications-related vulnerabilities.
  • Healthcare – Ensure healthcare staff can safely send and receive sensitive documents containing patient information, which is protected under regulations like the Health Insurance Portability and Accountability Act (HIPAA).
  • Manufacturing – From sensitive data changing hands during an M&A deal to communicating personal details with customers to something as simple as exchanging trade secrets with a trusted partner, there are many instances where manufacturing organizations should be leveraging email data protection solutions.

It’s now a given that every industry has data it needs to protect. But how this data is communicated safely – packaged, sent and received – determines the experience for everyone.

In the end: People want safe communications, not usable cryptographic algorithms.

By Michael Roberts, VP Technology at Echoworx

[1] https://enterprise.verizon.com/resources/reports/dbir/