Tag: Remote Workforce

01 May 2020

Who Controls Your Encryption?

Security controls how our property is used, who has access to it and keeps it safe. But what happens to this secure sense of control when property and data goes beyond your reach – outside your digital perimeter?

Here are some points to consider when evaluating encryption options for email data protection – without relinquishing control:

Meets compliance needs 

Under international privacy rules, like the GDPR, non-compliance can lead to massive fines you can’t afford. And, while delivery methods like TLS or PGP are effective for protecting data in transit and end-to-end, they do not accommodate every situation – additional options are needed. If a TLS connection is not available, you may want automatic fallbacks to another secure delivery methods, such as via web portal or as an encrypted attachment – ensuring sensitive data always remains protected.

Automates processes

Encryption is a feature of any serious cybersecurity design – but real world application still lags, according to Echoworx data. When a platform is not user friendly and encrypting a message is difficult, there is a tendency for senders to favour the path of least resistance – sending sensitive data without protection. Setting proactive encryption policies in motion not only makes encryption mandatory based on pre-set rules, but also improves platform usability by automating a sometimes-confusing process. Take inbound encryption policies, for example. When a customer sends an organization sensitive information, like a credit card number, over an open or unrecognized channel, there is a chance existing email filters might flag and block their message for reasons of compliance. By setting inbound encryption policies, incoming emails containing sensitive data are automatically encrypted, before being delivered to a recipient’s inbox – safe, sound and compliant.

More secure ways to email

From the choice of email service provider to something as simple as a device-type, there are a variety of ways recipients might be inadvertently controlling their encryption experience. This unintended result can prove detrimental to their user experience – especially if there are better encryption delivery methods for their situation. Using proactive policies, your organization can push secure delivery methods tailored to specific customers. You might, for example, set policies which restrict TLS to trusted partners only – or employ attachment-only encryption for secure statement delivery.

Consistent experience for everyone

Part of a true streamlined user experience relies on a consistent user experience – regardless of device, location, location or connectivity. An encrypted message experience, for example, should offer the same user experience regardless of whether the secure message is accessed on a desktop computer or offline via a mobile device – without the need for third-party apps. This same consistent user experience also helps streamline working within collaborative environments. Common business scenarios, for example, often involve engaging with a sensitive document across multiple devices and environments. Is the document going to look and act the same offline and online? If working collaboratively on a sensitive encrypted document, is the user experience identical for all parties involved?

Recall email when needed

The ability to recall a compromised message even after it has been read, is a simple, yet fundamental feature enabling control of an encryption experience. Whether a message is sent to an unintended recipient or whether a message is no longer safe, control over a message shouldn’t have to be relinquished just by pressing ‘Send.’

Brand Safeguards

Branding and the separation of brands is crucial to any enterprise. The ability to brand, separate and segment customer interactions according to brand can mean anything from how a secure message is received to a preferred language. Different brands should also be siloed to prevent eavesdropping from other business units.

By Derek Christiansen, Engagement Manager, Echoworx

01 May 2020

The Importance of a Consistent Encryption Experience

 The adoption of new technologies only truly takes hold when people actually use them – particularly when it comes to cybersecurity solutions.

The cybersecurity benefits that come with encryption can only be realized when the encryption experience is consistent—for your employees, your customers and your partners.

Protection needs to reflect your digital workplace realities

In many organizations, today’s digital workforce include employees scattered across the globe, working from anywhere at any time and with any device.

  • Mobile employees, who expect to work from anywhere via any device
  • Evolving security demands of clients, partners and vendors
  • Zero trust policies for business risk and disruption
  • Controlling data after it leaves the organization, while ensuring it only reaches intended recipients
  • Cybersecurity threats – both of internal and external origin
  • International privacy laws, such as the General Data Protection Regulation (GDPR), which dictate business processes.

 

At any given time, employees are accessing secure information from their desktop and mobile devices, on or off the company network. Even the reality of business travelers accessing secure documents—while on the road, without reliable access to the Internet —presents a data protection problem.

This new digital workforce makes it difficult to implement a consistent email data encryption experience because there are many user types, each with different needs. A one-size-fits-all solution may sound like heaven but is unlikely to provide a friendly experience when offered to real people in real world situations.

Must-have security extensions for encryption 

Security administrators must balance user-experience with airtight data protection and—much like a tightrope walker—when these features are unbalanced, the risk increases exponentially.

While an included encryption solution might seem simple, it doesn’t always provide the right balance of security and usability. An bad user experience can lead to frustration and open the door to workarounds. A recent Echoworx survey found that only 40 per cent of organizations that have encryption capabilities actually use them across the business.

Pairing your current solution with encryption extensions gives you the opportunity to innovative – offering consistent data protection that reflects your workforce realities.

Look for an encryption extension that:

  • Has a flexible platform that can quickly integrate and adapt to any environment.
  • Provides policy-based support of multiple brands and languages, based on organization, sender and recipient attributes.
  • Keeps email protection simple for people who are not heavy technology users which promotes adoption for senders and recipients.
  • Is designed for high volume messaging capabilities—to meet enterprise-level demands.
  • Offers a variety of secure delivery options, including fallback options, so that all messages are protected.
  • Provides full value for investment.

 

It’s all about the customer experience

An organization with offices around the world can use Echoworx’s OneWorld encryption platform to deliver a consistent brand, domain and user experience regardless of where the sender or recipient is located.

You may wonder how this works. The platform supports 26 languages and uses organizational attributes to personalize and dynamically brand outgoing encrypted messages by logo, division or location. These rules are set up during implementation and based on business use cases.

If you take advantage of branding and language preferences, your clients will consistently see that the secure message originated from a reputable source — your organization—and that it isn’t spam. This approach helps you build trust with customers. Encryption is so intertwined with client trust, satisfaction and retention, it’s now a business necessity.

But it’s a business necessity that pays for itself.

At Echoworx, protecting email is all we do, and we do it consistently. Our OneWorld encryption platform and cloud security services are an extension to existing security programs, providing a wide range of communication options.

By Derek Christiansen, Engagement Manager, Echoworx