As much as big tech might long to replace it, email is still hard to beat. The technology has been around for almost four decades now, and it remains our most critical tool for doing business. But can business leaders really be confident their email system isn’t the weak link in their digital security? Here’s why email might not be as secure as you think – and how a modern secure communications platform such as Zivver can help your business stay safe.
Badly designed or no authentication
Everyone knows not to use the word “password” as their password, but sometimes that’s the least of a company’s worries because IT policies aimed at increasing security might actually be undermining it. Staff using many different systems at work are invariably told to use a different password for each of them, including their email. They are then instructed to change their passwords regularly and to use complicated combinations of numbers and characters (which can be hard to remember). Such precautions might sound like a good idea but in reality they are a recipe for disaster as they make it more likely that someone somewhere will end up with their email password on a Post-it note stuck to their monitor.
The good news is there is a much better way to sign in. Today, it is already normal that when we log in to something particularly sensitive, such as our online banking, we’re asked to enter a special code that’s sent to us via text message or even using an “authenticator” app. It’s an effective check, because the system then knows that if you used the code, you really are using the phone or device you say you are. It’s also a system that is increasingly used by email providers. But still there are ways to go further and be even more secure, which some companies need to do under GDPR rules. For example, Zivver will add this extra authentication to individual emails and attachments too. So if you need to send that particularly sensitive file, you can be confident that the person opening it really is the person it was intended for.
Missing or weak encryption
When you send an email, you want to make sure that it is secure, but even today about 10% of emails sent are completely unencrypted. This means that whatever you’ve written could potentially be read en route to its destination, or even snooped on by service providers, or hackers when it arrives at its destination. It also means that your emails could be subject to government data requests – which can be a particularly big problem for European companies working in the US, as data protection laws make sharing that information more complicated. Luckily though, there is a better way. The modern gold-standard is end-to-end encryption, where not even your email provider can see the contents of messages. Instead, the keys are only held by you and the recipient. Therefore, if the message is intercepted or accessed by others, it appears as gobbledygook. So your business secrets remain secret.
No ‘message received’ verification
It’s always reassuring to know that a parcel has reached its final destination, and that the correct person has received the goods. But with many traditional email services, once you hit “send”, the email is out of sight and out of your control. If you have something time-critical, or particularly sensitive, you can only hope it reached the right person in time. This is why Zivver created a proof-of-delivery system that works a little like sending a parcel by recorded delivery. When an email is sent, it will verify that it has reached its destination, and generates a comprehensive data report for each email that even holds up in court if needed.
Recalling emails is hit and miss
Many of us have experienced it: you receive an email that doesn’t really seem like it’s meant for you, and you ignore it. Then moments later you receive a recall notice from the sender. At that point it’s hard to resist taking a peek at the email before the recall actually happens to discover what you’re not meant to see. So, in many cases, even if the sender quickly recalls an email sent in error, they can’t be certain confidential details haven’t already been seen. However, when you revoke an email with Zivver, it quickly restricts access to the email and, if it hasn’t been opened, you can be confident its contents are secure. And if it, or an attachment, has been opened, you will be able to see that it has, and you can then assess the security implications.
It is too hard to remain secure
Your business is only as secure as its weakest point, which is why it is important to make sure your whole team is taking digital security seriously. However, this can be tricky. If being secure is too much hassle, or makes it difficult for people to do things such as send large emails securely, then people are less likely to comply. It may even lead to the use of “shadow IT” – business teams using unapproved, outside tools and services that are simpler to use – which risk sending your data into a digital wild west. Zivver has built its platform on the principle that security must be “effortless”. When sending secure emails through the platform, everything is taken care of behind the scenes. To your team it’s a simple, silent, browser plug-in. And recipients outside your organisation don’t need special software to receive a secure email from your team, they can just click a link and enter a code sent via SMS or in a separate email.
We all make mistakes
The most difficult part of keeping our businesses secure isn’t IT – it’s us humans. Try as we might, no one is perfect. We’ve all sent the wrong attachment or cc’d the wrong person. Mistakes are human nature, and a part of doing business. There’s no way to train your team to do everything right 100% of the time. The trick is to minimise errors by being smart and using a tool such as Zivver, which alerts users to potential issues and supports them through required decisions. Working as a browser plug-in, it will intelligently analyse your team’s outbound communications and apply “business rules” that put a halt to anything that appears disastrous should it fall into the wrong hands. For example, if you were to attach the company balance sheet to an email to a new contact, it would stop the email in its tracks, and alert you – making sure that was what you really wanted to do. And if so, ensure it is protected with customised security.
Secure your digital communications now. To find out how Zivver can help, click here