Whose Email Is It Anyway?
Employees are allowed through an office entrance, with electronic card access control identifying them. Security or reception checks visitor credentials before allowing them in. For some facilities, bags and mailed packages are checked for everything from explosives to white powder.
But what about email, faxes, voicemails, electronic documents and large digital files which arrive at and are sent from enterprises? They all contain information that can potentially harm an organization or its reputation. In such electronic exchanges, there is increased need to authenticate the sender and the receiver as well as the unchangeable content.
Spotlight on Message DeliveryThe bottom line – many existing file delivery methods are no longer acceptable, contends Bill Ho of Biscom, a new-age security firm which enables users to deliver documents, files and messages in a simple and secure manner.
Ho points out that security must be part of the routine workflow when it comes to email, faxes, documents and large digital files. Who is actually receiving a communication and can the enterprise prove it? When it comes to compliance, internal or external auditors will be seeking proof that communication of specific information has been reasonably protected.
Collaboration Has VulnerabilitiesMany organizations today have on-going, everyday collaborations, which include sharing and transfer of sensitive information among companies and agencies. There are select trusted credentialing authorities to handle identity management and secure information sharing, often through PKI bridges. Public key infrastructure is a set of hardware, software, people, policies and procedures needed to create, manage, distribute, use, store and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority or CA. The user identity must be unique within each CA domain. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision.
From Physical Doors to Computer PortsStill, most solutions aimed at securing shared data do not relate to door controls.
Chris Callen of CD Callen, Westerville, Ohio, an insurance agency serving dentists nationwide, has Meana, a German shepherd for office security and protection. But when it comes to client confidentially, he depends on document security technology to avoid lawsuits and meet the requirements of HIPPA and HITECH, which mandate the handling of certain types of information. He uses a solution from DataMotion. “We secure email and attachments so that people can retrieve messages online in a closed, secure manner.”
Six Steps to Deliver Files Securely
• A sender collects files, documents and other electronic media.
• The sender creates a "package" of files, optionally enters a secure message, and addresses the delivery to one or more recipients.
• Recipients are notified of their secure delivery through an email message with an embedded hyperlink.
• Recipients sign in to an identified server.
• Once authenticated, recipients can view the secure message and download files.
• The sender receives an email notification that the delivery has been viewed.