Tag: Policy-based encryption

13 Jan 2016

Looking for a Secure Gateway Email Solution?

Here are five of the most important factors to consider when looking for a gateway secure email solution:

1. Usability
Can the sender easily send secure email without any extra steps? Sending an email is a behaviour all of us do automatically; introducing encryption shouldn’t hinder this process. Likewise, the recipient should easily be able to open the encrypted email. Good solutions will take these behaviours into account and keep them quick and efficient. Organizations can easily adopt encryption as long as their workflow doesn’t change.

2. Secure Mail Encryption and Delivery Methods
Does the solution support multiple delivery methods? If you’re communicating with other businesses, they may have an encryption method already set up. Your solution should support multiple delivery methods, like TLS, PGP and third party S/MIME to take advantage of this. A good solution should also support delivery methods that make it easy for non-enterprise recipients to pick up messages, through encrypted PDF/ZIP or a secure web and mobile web portal. Enterprise administrators should be able to select the delivery methods that best meet their business needs.

3. In the Cloud
As Enterprises are increasingly adopting cloud based solutions, shouldn’t your encryption decision follow the same strategy? Can the solution run completely in the cloud, so you don’t have to run any software or hardware on premise? Cloud implementations save you deployment time and resources, and allow the encryption solution to grow with the enterprise.


4. Comprehensive Scanning and Policies
Does the solution allow you to easily set scanning policies to inspect email subject lines, body, attachments, and take action accordingly? You may only want to encrypt emails that contain certain keywords or regular expressions like credit card numbers or other customer information. A good solution will use a robust policy engine to allow you to create and edit policies to determine what should be encrypted and how.

5. Cost Effective
Is the solution easy to integrate and manage across the organization? Can it adapt to your changing policy and regulatory requirements without impacting users? You can never predict where a security leak will come from. A cost effective solution will be adaptive and scalable to meet a wide spectrum of business requirements; protecting all secure information from going out in the clear, not just executives or specific departments.

Echoworx’ solutions take these considerations and more into account. We’re sure you’re doing a great job protecting against inbound email attacks (spam, phishing, malware) but what about the email leaving your organization? Your outbound email contains confidential information like bids, intellectual property, medical records and personal customer data. Protecting this data is vital.

For more information to help you pick the best encryption email solution for your projects:

    This encryption smackdown cuts through the confusion of email gateway encryption to help you pick the best encryption solution for your projects.The focus is on the top three qualities of a great encryption gateway: implementation, ease of use, and security.
    75% of large organizations suffered a staff-related breach. Download this illustrated report to reveal the most significant email security risks facing organizations today and three sure ways encryption can mitigate them.

It’s time you got serious about securing your email.

By Jacob Ginsberg, Senior Director Products at Echoworx

04 Aug 2015

Top Tips, Keeping Corporate Email Secure

Data breaches, on the rise

Cyber criminals are doing everything they can to steal sensitive corporate and private personal data. As innovation drives Internet into every area of our lives, cyber criminals continue to find new ways to take advantage of its vulnerabilities. A perfect example is last year’s catastrophic breach at Sony Entertainment, an event which underscores how no company is safe from attack.

For highly regulated industries like financial and legal services, the consequences of a breach can be disastrous. Email security solutions like email encryption are now a crucial asset for industry professionals, representing an important line of defence as well as facilitating compliance.

Here are a couple of top tips that companies can put in place to keep their email communications secure:

  1. Don’t forget about internal threats
    Despite companies installing anti-spam, anti-malware, encryption and monitoring tools, there is still a chance that attacks can get through. That’s because cyber criminals exploit a company’s weakest asset – it’s people. Employees are the biggest threat to any organisation’s cyber security policy. According to Gartner, 84 per cent of high cost security incidents result from employees sending confidential data outside of the company. Despite this, only half of companies are implementing employee training schemes. Employee training is the most effective way of combatting employee negligence resulting in data loss.
  2. Back to basics
    Email security can be complicated, but it doesn’t need to be. Good email encryption solutions should make the process simple for both senders and recipients, while still keeping non-public personal information secure. Policy based email solutions remove the responsibility for security from individual employees by detecting specified keywords, attachments or number patterns like credit cards or National Insurance numbers.
  3. Plan ahead
    Most email security solutions have very basic requirements that companies need to have in place before implementation. Sometimes an element or two might be missing, such as an updated version of an operating system or applications or having TLS implemented on an email server. Having up-to-date systems guarantees a simple and smooth implementation of email encryption.
  4. Don’t forget about mobile
    Nearly everyone today carries a smartphone, whether their own personal device, a corporate issued device, or a personal device that employees are using for work purposes. However, mobile devices can easily be lost or compromised by hackers or malicious software. Malware that attacks mobile devices is becoming more sophisticated than ever before. BYOD policies need to account for these risks and should include safeguarding and tips for device management.
  5. Stay ahead of the curve
    With security breaches constantly hitting the headlines, companies need to stay ahead of the curve when it comes to new security threats and management techniques. It’s not just IT that needs to be aware of the changing security landscape – every employee has a duty of care to ensure that all communications with clients and suppliers are secure. Reading up on the ever evolving industry is an important first step to ensure end-to-end data security and compliance.

Whether or not your business is legally required to keep data in transit safe, sending email in the clear is simply no longer acceptable. Your customers expect their data to be handled securely and your employees need an encryption solution that works across all of their devices and is easy to use.

By Jacob Ginsberg, Senior Director of Products, Echoworx

29 Oct 2014

Settlement Service Providers, Adopting Encryption

Praised for our ease of use

They say a brand is not what vendors tell clients, but what clients tell each other. This is what is happening with Echoworx in the Land Title industry as more and more underwriters choose our platform to secure their communications. Praised for our ease of use and commitment to the industry, underwriters continue to recommend our solution to their settlement attorneys and title agents in an effort to achieve compliance.

Policy-based email solutions detect specified keywords, attachments, or number patterns like credit card and Social Security Numbers to encrypt a message. To deliver that message, Echoworx uses the best method for the recipient, whether it is directly to their inbox, through a secure web portal or as an encrypted PDF or ZIP file. This automated encryption flow means that NPI data is automatically protected and easy for recipients to open securely.

multiple_select - title agents

Settlement service providers are invited to join our series of free webinars on email encryption for the Land Title Industry where we are discussing encryption, trends within the industry and how easy email encryption can be for your organization to implement and use. Check our Events page and register for an event.

03 Jun 2014

Email Encryption Best Practices for Land Title Agents

The American Land Title Association recently posted a best practice tip on using encrypted email: keep it simple. Email encryption can be complicated, but it doesn’t have to be. Good email encryption solutions should make the process simple for both senders and recipients, while keeping non-public personal information (NPI) secure.

NPI that must be protected includes everything from Social Security Numbers to loan fees, and the decision to protect this information is often left up to employees and therefore subject to human error. Policy-based email solutions remove this responsibility from individual employees by detecting specified keywords, attachments, or number patterns like credit card or Social Security numbers. Emails are then encrypted using the best method for the recipient, whether direct-to-inbox, through a secure web portal or as an encrypted PDF or ZIP file. This automated encryption flow means that NPI is automatically protected and easy for recipients to open securely.

The idea of encrypting information can be quite overwhelming, especially for title agencies. Land title agents are invited to join the upcoming free webinar on June 5th, 2:00 to 2:30 pm where we will discuss email encryption made simple. The presentation will outline what information needs to be encrypted, how information is encrypted and what to expect from encrypting emails.

To register for the webinar, click here.