Debunking Nine Myths About New-Gen Email Encryption

 
 
By Chris Preimesberger  |  Posted 2014-04-24 Email Print this article Print
 
 
 
 
 
 
 
 

Despite the continued influx into enterprises of text messaging, unified voice-and-text communications and social media apps, email is still the killer business app—the No. 1 channel used to share sensitive business information. Enabling email encryption should be a no-brainer, especially since reports of data breaches, ranging from stolen credit card information to personal health records, are increasing. Although every organization faces the threat of a security breach, misperceptions and myths still prevent many from deploying encryption as CIOs, chief security officers and others try to balance the perceived value of secure email versus seeing it as an inconvenient hit to corporate productivity. This eWEEK slide show, using industry information compiled by Nigel Johnson, vice president of product management at Dallas-based security provider Zix Corp., and our own reporting will debunk some common myths, set the record straight about email encryption and explain simple ways to keep sensitive data protected.

 
 
 
  • Debunking Nine Myths About New-Gen Email Encryption

    by Chris Preimesberger
    1 - Debunking Nine Myths About New-Gen Email Encryption
  • Myth: Any Email Encryption Will Keep It Secure

    Not all email encryption solutions are created equal. For instance, Yahoo offers https for Yahoo users, which encrypts mail as it travels between the user's Web browser and Yahoo servers. While this helps keep Yahoo users secure, any email sent outside the Yahoo ecosystem to email platforms such as Outlook, Office 365, Hotmail and Google is not encrypted. For any business that needs to maintain or comply with federal regulations that protect personal privacy, there's still a need for heavy-duty email encryption options, such as Google Apps Email Encryption.
    2 - Myth: Any Email Encryption Will Keep It Secure
  • Myth: Laws Prevent Unauthorized People From Intercepting Email

    Federal and state legislation outlaws the theft of electronic communication. Other laws exist to protect personal property, but that doesn't mean people don't lock their homes or cars. Laws don't prevent anyone from breaking into your home or car, so why would they prevent hackers from intercepting your email and stealing valuable data? Security solutions, like anti-spam and antivirus, have become foundational for email hygiene for your enterprise. Email encryption also should be foundational.
    3 - Myth: Laws Prevent Unauthorized People From Intercepting Email
  • Myth: Email Encryption Is Too Complex to Be Practical

    Historically, email encryption packages have required users to jump through hoops to encrypt and decrypt emails, and they have often been associated with slow, inefficient processes. To stay productive, employees avoided using email encryption and found other ways to communicate that can be more vulnerable. However, email encryption has evolved substantially in recent years. The more advanced email encryption systems allow employees to exchange encrypted emails the same way they would with conventional email workflow isn't interrupted, and no extra steps or passwords are required for senders or recipients.
    4 - Myth: Email Encryption Is Too Complex to Be Practical
  • Myth: Email Encryption Is Hard to Use on Mobile Devices

    Mobile users spend more time using email on their devices than any other mobile activity. Distorted layouts and cumbersome extra steps would diminish the benefits of email encryption and force users to find workarounds. To address the increasing demands of mobile users, email encryption solutions have integrated seamless navigation from desktop to mobile device that takes advantage of the user's environment and removes extra steps.
    5 - Myth: Email Encryption Is Hard to Use on Mobile Devices
  • Myth: Secure Read-Only Storage Is Safest Way to Share Sensitive Info

    Many companies have secure eRoom or SharePoint sites where documents can be shared in read-only mode with other employees, boards of directors, auditors and investors. While this approach can work, it doesn't support a dialogue if there is a discussion occurring about any of the materials. Often discussions about sensitive information start in personal email, which may violate compliance and security policies.
    6 - Myth: Secure Read-Only Storage Is Safest Way to Share Sensitive Info
  • Myth: Email Cannot Be Intercepted in Transit

    Email messages can be stored on a number of public servers along the way to the recipient, so sensitive information can be intercepted and captured by anyone, anywhere along the way. Organizations that must comply with regulatory requirements for data privacy have additional risks and penalties if messages are not secured. The best way to ensure that emails are private and their sensitive data is protected is to use encryption that meets regulatory standards.
    7 - Myth: Email Cannot Be Intercepted in Transit
  • Myth: Email Encryption Is Expensive and Complex to Deploy

    Email encryption has evolved, and enterprises can access new-generation email encryption that is easy for senders, recipients and administrators. Email encryption through software-as-a-service (SaaS) architecture has simplified the process for specifying and deploying secure messaging solutions. New-generation email encryption can be easily integrated and deployed in hours, not days. For security managers, compliance managers and IT managers, many solutions also offer management consoles and dashboards to alleviate management headaches and improve processes.
    8 - Myth: Email Encryption Is Expensive and Complex to Deploy
  • Myth: Email Encryption Is Only for Firms With Compliance Requirements

    If you have sensitive data, then you should always encrypt it, whether there's a legal obligation or not. Even though your company may not incur legal penalties, there could still be serious business and public relations ramifications. Whatever encryption option you choose, make sure it meets necessary corporate and regulatory requirements and that it works well for your organization.
    9 - Myth: Email Encryption Is Only for Firms With Compliance Requirements
  • Myth: Confidentiality Notices Keep Email Private

    Boilerplate notices do nothing to protect confidentiality of the email message content and attachments. Email is often misaddressed, and wrong receivers have no obligation to respect the notice. And there is no chance hackers who intercept emails—whether they work for the National Security Agency or for a criminal organization—are going to respect a confidentiality notice. The surest way to protect the privacy of a message is to encrypt it.
    10 - Myth: Confidentiality Notices Keep Email Private
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel