Tag: cloud

13 Jan 2016

Looking for a Secure Gateway Email Solution?

Here are five of the most important factors to consider when looking for a gateway secure email solution:

1. Usability
Can the sender easily send secure email without any extra steps? Sending an email is a behaviour all of us do automatically; introducing encryption shouldn’t hinder this process. Likewise, the recipient should easily be able to open the encrypted email. Good solutions will take these behaviours into account and keep them quick and efficient. Organizations can easily adopt encryption as long as their workflow doesn’t change.

2. Secure Mail Encryption and Delivery Methods
Does the solution support multiple delivery methods? If you’re communicating with other businesses, they may have an encryption method already set up. Your solution should support multiple delivery methods, like TLS, PGP and third party S/MIME to take advantage of this. A good solution should also support delivery methods that make it easy for non-enterprise recipients to pick up messages, through encrypted PDF/ZIP or a secure web and mobile web portal. Enterprise administrators should be able to select the delivery methods that best meet their business needs.

3. In the Cloud
As Enterprises are increasingly adopting cloud based solutions, shouldn’t your encryption decision follow the same strategy? Can the solution run completely in the cloud, so you don’t have to run any software or hardware on premise? Cloud implementations save you deployment time and resources, and allow the encryption solution to grow with the enterprise.


4. Comprehensive Scanning and Policies
Does the solution allow you to easily set scanning policies to inspect email subject lines, body, attachments, and take action accordingly? You may only want to encrypt emails that contain certain keywords or regular expressions like credit card numbers or other customer information. A good solution will use a robust policy engine to allow you to create and edit policies to determine what should be encrypted and how.

5. Cost Effective
Is the solution easy to integrate and manage across the organization? Can it adapt to your changing policy and regulatory requirements without impacting users? You can never predict where a security leak will come from. A cost effective solution will be adaptive and scalable to meet a wide spectrum of business requirements; protecting all secure information from going out in the clear, not just executives or specific departments.

Echoworx’ solutions take these considerations and more into account. We’re sure you’re doing a great job protecting against inbound email attacks (spam, phishing, malware) but what about the email leaving your organization? Your outbound email contains confidential information like bids, intellectual property, medical records and personal customer data. Protecting this data is vital.

For more information to help you pick the best encryption email solution for your projects:

    This encryption smackdown cuts through the confusion of email gateway encryption to help you pick the best encryption solution for your projects.The focus is on the top three qualities of a great encryption gateway: implementation, ease of use, and security.
    75% of large organizations suffered a staff-related breach. Download this illustrated report to reveal the most significant email security risks facing organizations today and three sure ways encryption can mitigate them.

It’s time you got serious about securing your email.

By Jacob Ginsberg, Senior Director Products at Echoworx

02 Dec 2015

Reliance on Data Residency Is Not Enough

Making the move.
As organizations move their operations to the cloud, they face the complexities and increasing pressures of protecting sensitive data belonging to them and their customers. Not to mention taking into account local regulatory requirements which often limit where data can be located in order to keep it out of the hands and eyes of prying government policies such as the broad-reaching US Patriot Act.

Organizations eager to meet privacy and regulatory requirements place far too much emphasis on data residency alone.

While it does matter where data is stored, geographic location is not fixed when it comes to the internet.

Borders are porous.
Data leaks from one jurisdiction to another on the way to its final destination. Data is also not solely held; all those bits can be infinitely copied. While the original may reside in a sufficiently approved locale, copies of it can easily exist in unexpected locations. It doesn’t necessarily need to be a malicious act which makes a copy of that data.

Your service providers’ backup or disaster recovery strategies may inadvertently create copies in geographically dispersed datacentres for service redundancy and resiliency. What if those datacentres are not in a jurisdiction which meets your data residency requirements?

“Organizations eager to meet regulatory requirements place too much emphasis on data residency alone.”

Tweet this quote

The truth of the matter is.
If your organization is serious about data protection, you cannot solely rely on location and local laws as a means of satisfying your responsibility to your customers to ensure their data is sufficiently protected. Data residency laws alone will not sufficiently solve the problem. They are guidelines and rules. But it isn’t feasible for an organization or their cloud service providers to build datacentres in every country in an attempt to comply with local regulatory requirements either. Even if one could, it would not prevent access to that data from other countries.

Effective data security IS applied in layers.
At a minimum, one must insist that your cloud service providers employ some form of strong encryption in addition to data locale. Organizations serious about protecting their sensitive data and meeting regulatory requirements must ensure that the data remains protected throughout its entire lifecycle.

It is important to consider technologies which render data useless to anyone but its intended recipient from the moment it leaves your organization until the moment it’s consumed. For example, encryption applied during transport as well as storage will protect sensitive information irrespective of where that data ultimately resides. Furthermore, reliable authentication can ensure that only the intended consumer will have the ability to decrypt that data.

Encrypting sensitive data throughout its entire life cycle can relieve the burden for organizations to implement all of the regulatory requirements imposed on data protection from country to country. This significantly simplifies the task of protecting sensitive data.

Encryption provides protection of your customer’s data first and foremost but also facilitates regulatory compliance as a result.

By Greg Aligiannis, Senior Director of Security at Echoworx

19 Jun 2014

Cloud Security Accelerates to a $9 Billion Market

Cloud Security MarketAccording to CRN, Cloud Security is going to experience tremendous growth by 2019, reaching the $9 billion mark. This is no surprise as most security vendors are now offering a Cloud or hybrid solution in an effort to improve total cost of ownership, scalability and ability to manage change.

With this tremendous growth comes the high rate of adoption of cloud based email security.  CIOs and CSOs are looking for easy to deploy and cost effective solutions to secure internal and external email and bulk email communications to customers and business associates.

Echoworx has brought a number of Cloud solutions to its customers. An encrypted message can be delivered to a wide variety of recipients through a secure web pickup portal, the simplest and most universal method of delivery. Because the secure web pickup portal technology runs completely in the cloud, customers can use any device and do not have to worry about how to manage and operate the platform to receive their encrypted messages.

With OneWorld, enterprises can now take their PGP keys to the Cloud and easily interact with business partners in the Echoworx Could, without the need of a local PGP Universal Server and the complexity of managing it.  With Echoworx operating the LDAP service, OneWorld simplifies the management of your PGP keys. It is all done for you in the Cloud and therefore significantly reducing the total cost of ownership for your PGP implementation.

According to analyst MarketsandMarkets, quoted by CRN “even though there are various on-premise solutions available for all types of security, cloud security has become the prime importance for businesses who want to reduce Capex and support a growing remote workforce.”