Category: Drive Customer Experience

10 Jan 2017

OneWorld Encryption is Making it Easier to Secure Office 365, From Anywhere

With the click of a button

We’re excited to announce the full integration of OneWorld Encryption for Office 365 Users!

For years, OneWorld customers have been trusting the OneWorld Encrypt button in Microsoft Outlook on the desktop to provide their employees with a quick and obvious way to encrypt their emails.  While the Office 365 Outlook on the web Add-in is not a requirement to use OneWorld, it is often preferred over asking remote employees to type a keyword like “secure” in the subject line. OneWorld Encryption for Office 365 Outlook on the web is also an excellent way to offer multiple encryption methods to your employees.

That’s why we are so proud of our new OneWorld Encrypt Add-in for Office 365 Outlook on the web!  Integrating into Office 365 Outlook on the web allows enterprise senders to select “Encrypt” from anywhere!  They simply login to Office 365 Outlook on the web from a mobile device, or from any desktop web browser (Windows, MAC OS X, even Linux).

Let’s dig in to the full story by answering some common questions.

What does the OneWorld Encrypt Add-in for Office 365 Outlook on the web offer?

The OneWorld Add-in for Office 365 Outlook on the web offers advanced user encryption options right where you need them. You can use the add-in to:

  •         Encrypt messages in a variety of formats including TLS, PDF, PGP, S/MIME, and Web portal;
  •         Track and recall your web portal messages;
  •         Request delivery and read-receipts;
  •         Set custom expiry dates for Web Portal messages;
  •         Retrieve the password you set on your Shared Passphrase messages;
  •         Categorize encrypted messages for easy searching.

How does it work?

Encrypting a message is as simple as clicking on the Encrypt slider.  OneWorld Encrypt will add special flags (or for the more technical folk – email x-headers) that tell OneWorld to encrypt the message.

The options displayed in the Add-in for Office 365 Outlook on the web will match your company’s encryption policies, which govern how the message is to be encrypted and delivered. You can also override certain settings like notification preferences and message expiration periods.

Encrypted emails will have a category added onto them so you can instantly see which messages were secured.  And when you open encrypted messages in your Sent Items folder, the Add-in will display useful information like the shared passphrase, or a link to recall the Web Portal message.

What does it look like?

Here’s a sample message that I sent to an external customer.  As you can see, I have the ability to choose my encryption method directly within the OneWorld Encrypt Add-in for Office 365 Outlook on the web.  The options available to me depend on what my administrators have allowed.

ow_addin

How do we install it?

Echoworx is hosting a few versions of the OneWorld Encrypt Add-in for Office 365 Outlook on the web that match the majority of our customers’ requirements.  Alternatively, any customer can deploy the Add-in code as a Web App to Azure Active Directory or to a traditional IIS Web Server.  Detailed instructions can be provided for customers that want their own deployment.

Once the deployment decision is made, the Office 365 Administrator (logging into the Exchange Portal) can push out OneWorld Encryption for Office 365 Outlook on the web to everyone, or to certain groups, in a matter of minutes using the Add-in manifest file.  Individual users can also add OneWorld Encryption for Office 365 Outlook on the web to their own mailbox if they have the manifest file URL.

Where does this work exactly?

We’ve made sure OneWorld Encryption for Office 365 Outlook on the web will run in all the same browsers and platforms that Outlook Web is supported on (by Microsoft).  For a list, see https://support.office.com/en-us/article/Office-Online-browser-support-AD1303E0-A318-47AA-B409-D3A5EB44E452

For Outlook on the desktop, we continue to support and recommend the traditional OneWorld Encryption Add-in.  Both the Desktop and Web Add-ins are completely interoperable –  if you start composing a message on the web, you can finish on the desktop, or vice versa.

There is so much to see in version 1.0 that we invite you to give it a try!  More exciting features are coming soon as we continue to develop on Office 365 to make OneWorld Encrypt an Add-in you can’t live without.

For more information, reach out to the experts at Echoworx.

By Sarah Happé, Engagement Manager and Product Specialist, Echoworx

30 Dec 2016

Solving the Encryption Conundrum in Financial Services

Encryption has gone mainstream. In March this year, WhatsApp announced that it would encrypt all users’ communications. Viber and Facebook soon followed suit. In one fell swoop, these three companies shifted the user base of strong encryption from what most believed to be whistle-blowers and journalists to almost three billion people worldwide.

Meanwhile, government bodies are busy endeavoring to weaken strong encryption in the interest of national security as technology companies, opposed to such a precedent, are arguing that the privacy and the security of millions of innocent citizens would be at risk.

The encryption debate has captured the world’s attention. And coupled with the inevitability of another notable data breach, awareness of encryption as a tool to mitigate threat is at an all-time high.

What does this mean for FS?

Despite being one of the first industries to embrace a digital transformation agenda, the financial services sector continues to struggle in the race to deploy digital technologies in order to grab a bigger “piece of cake.” As competition from new, digital-first financial start-ups continue to grow; banking executives are focused on game changing digital solutions, such as encryption, to compete successfully. If you want to talk to your customers, the security must be there. The better your security the closer you can be to your customers. In this article, we delve into the link between encryption investments to growth and customers.

Consider encryption a competitive differentiator. Consumerization of encryption is the driving force behind customer demand for secure digital communications, and as a result, increased expectations. The ease at which confidential information can be intercepted today has created hesitancy among consumers to send or receive private information unless encryption is applied, both during transit and at rest. Increasingly, banks or financial institutions not offering their banking customers a secure digital experience are regarded as disconnected and outdated.

Focus on customer experience as a digital business enabler. Digitizing and automating invoice processes are said to result in savings of 60-80 per cent compared to traditional paper-based processing. Some banks, including Standard Chartered, have set lofty goals to reduce their paper-based on-boarding from 90 per cent to 10 per cent by 2018. Standard Chartered is also expecting turnaround times to reduce from five days to less than an hour because of its investment in digitizing processes. By encrypting on-boarding customer communications, including mobile, financial organizations can move towards these cost-saving models securely. And as a result, offer a cleaner, faster enhanced customer experience.

Invest in compliance and risk management. The Cybercrime Directive and the recently-approved General Data Protection Regulation initiative have elevated the awareness of encryption technology. Under these rulings, banks and other financial institutions will be compelled to disclose when data security measures have been breached. They will also be required to justify the reasons for collecting specific customer data. Failure to comply, results in heavy financial penalties. Encryption can digitally protect sensitive data based on policies, minimizing the number one cause for data breaches, human error. Encrypting communications from the get-go is not only one way to avoid regulatory fines; it’s also an insurance policy for customers and business partners, building higher levels of trust. 

Moving forward. Why isn’t encryption ubiquitous?

The financial services industry needs to dedicate the time and the resources to allocate against initiatives focused on securing digital communications. Encryption-enabled solutions have the potential to create entirely new ways of working with your customers and partners. And with 16 per cent of customers accounting for 105 per cent of profits, delivering differentiated services will be crucial to keeping the long-term brand loyalty of this trendsetting group.

The underlying implementations of smart encryption technologies are complex, but the user experience is becoming progressively transparent and seamless. WhatsApp secures our chat messages without us having to think about it. The same must happen in financial services with bank statements, mortgage applications and other confidential material. In fact, in a society that is demanding digital services in all occupations, it must to remain relevant and competitive. Today, with the rise of encryption, financial institutions are in a far better place to exceed their customers’ expectations by fostering trust and demonstrating a commitment to safeguarding privacy, while increasing revenue and productivity.

By Jacob Ginsberg, Senior Director, Echoworx

This article originally appeared in Global Banking and Finance Review

28 Oct 2016

The Encryption Rally Cry

Stronger yet simpler solutions.

Email has been around for decades, and remains the mainstay of enterprise communications. Despite efforts within companies to introduce collaborative solutions that reduce reliance on email, Radicati Group reports that the average number of business emails sent and received per employee will actually grow from today through 2019.

These emails, of course, often contain sensitive text information as well as attached documents, and despite the rise in cloud- and premises-based collaboration software that might account for that drop in sent emails, that practice is likely to continue. It’s simple and easy to attach a document and send it, after all—no logging into a different system to move files, or take other steps to share information.  Users will always take the easiest path.

As security and compliance concerns continue to rise across industries, businesses are not only looking for new ways to keep sensitive data safe, but also to cut costs. As a result, many organizations are migrating some or all of their email users to the cloud, marking a fundamental change in the way that email and email-related services such as archiving and encryption are managed.

As this shift is occurring, there are two other factors also in play:

  • Lines of business are becoming increasingly more influential in determining a company’s encryption strategy, while the influence of IT is dropping, according to a recent report from Ponemon Institute. According to the report, respondents from three countries—the United States, the UK and France—actually chose their organization’s lines of business management as being more influential than its IT group in terms of determining the company’s security posture.
  • Breaches are becoming more public and more costly. Compliance with privacy and data security requirements is a big driver of encryption, not only in expected vertical markets, but across the board in all industries.

Cost and Simplicity
Businesses are migrating email to the cloud for a variety of reasons, according to a recent report from Osterman Research, but the key driver for the use of cloud-based email—cited by more than half of all respondents (52 percent)—is reducing the cost of delivering services. Also on the costs side, gaining certainty over costs was listed as a key driver by 40 percent of respondents.

Businesses are also looking for simplicity in their move to the cloud; 44 percent of respondent said cloud-based email would help streamline IT operations and 35 percent said it would enable agility in a changing user environment. Interestingly, only one-third of respondents (34 percent) listed improving organizational communications as a key factor, and 39 percent sought to drive user productivity by migrating email to the cloud.

Although the majority of respondents 43 percent said they would prefer on-premises virtualized servers as the hardware/delivery platform of choice, nearly one-third indicated a cloud-based system operated by a third party would also be a viable option. To meet the goals of cost reduction and control, many businesses will likely find that a hybrid solution—a customized blend of on-site services and off-site cloud-managed services, with different resources available to different users—will offer the best of both worlds. With many users now working remotely—either permanently as telecommuters or temporarily on mobile devices, on-premises solutions just can’t offer the flexibility of the cloud.

The big concern, of course, is security, and believe it or not, regardless of whether email is hosted in the cloud or on-premises, careless employees are a company’s worst security threat. One out of every four corporate emails contain attachments that include sensitive personal or business data. The majority of emails are openly sent without any form of encryption; 61 percent of employees admit sending confidential information through open email channel. According to the Ponemon study, 52 percent of respondents cited employee error as the most significant threat to sensitive or confidential data. Thirty percent chose system or process malfunction as the biggest threat, and 28 percent selected hackers. The fact that the top two findings on threats relate to mistakes or errors, despite recent headline-grabbing targeted threats, is significant. Ironically, that gaping hole in a company’s security posture can be quite simple to fix with the right encryption solution.

However, many companies are struggling to do just that. According to the Ponemon report, 57 percent of respondents say the biggest challenge to encryption deployment is discovering where sensitive data resides in the organization. Ponemon indicates this isn’t a surprise, and we agree; there’s more data, more endpoint devices and more use of the cloud. In addition, neatly half of all respondents (49 percent) cite initially deploying encryption technology as a significant challenge.

It’s an interesting paradox—the industry is approaching the issue of data leaks caused by employee error by offering solutions that employees will likely ignore because they are too difficult to use. If only there was a better way…

The additional content listed below may be of interest.

  • Download our REPORT  | How Much Do You Trust Email?
  • Watch our DEMO  | OneWorld B2C Encryption Protection
  • View our INFOGRAPH  | 5 Encryption Factors to Consider

By Chris Peel, Vice President Engineering, Echoworx

 

04 Oct 2016

Encryption, Investment in Brand

Yahoo! announces 500 million breached.
Anthem confirms data breach, could impact millions.
DNC hacked.

What do these news headlines have in common?
Unencrypted Data, of course!

Last year, we saw a record-setting total of nine mega-breaches. Including, the world’s largest data breach ever publicly reported with an astounding 191 million records exposed!

While the cause of all data breaches vary, email is often the entry point for all manners of cyber-attacks. In fact, according to Echoworx research which polled 1,000 financial services professionals, 62% of the large corporations send unencrypted confidential information through open, unencrypted email channels.

“My data isn’t valuable to the hackers”
“I have nothing to hide”
“Encryption is too difficult”

Does this sound familiar?

According to Ponemon, 48% of organizations are challenged by the ability to deploy encryption effectively. In the past, encryption was difficult to deploy and it was not user-friendly. Services offered little support for mobile devices and required continual operating investments. But, times have changed.

Today digital business is reality. It is leading to changes in technology which is driving customer demand for security, trust, and seamless experiences. Clearly, a more adaptable approach to digital business communications is required.  At a recent security conference, Global CISO at Barclays stated “the road to a successful digital future leads through security.”

It is time that companies start treating encryption as an investment in their brand rather than treating data breaches as a cost of doing business. That’s why Echoworx, being a strong advocate of email encryption is sponsoring the ISE® Northeast Executive Forum and Awards Gala on October 4, 2016 at the Westin Times Square in New York City.

The ISE® Northeast Awards recognize the information security executives and their teams who have demonstrated outstanding leadership in risk management, data asset protection, regulatory compliance, privacy and network security. The awards are held in conjunction with a one-day Executive Forum including speakers, interactive roundtables, hot topic discussions, and an opportunity to meet with me.

Visit Echoworx during the Sponsor Pavilion and Dinner Buffet, between 6 p.m. – 7:30 p.m.

Echoworx’s OneWorld Enterprise Encryption, provides an adaptive, fully flexible approach to encryption that ensures the privacy of sensitive messages. Enterprises investing in the OneWorld platform, are gaining an adaptive, fully flexible approach to encryption, creating seamless customer experiences and in turn earning their loyalty and trust.

This is sure to be a great event and networking opportunity. Hope to see you there.

By Chris Grossi, Enterprise Account Executive, Echoworx