NeoCertified-Logo-Vector-Header

Welcome to my blog.  I’m looking forward to sharing with you a number of interesting and timely articles, factoids and other blogs as related to both electronic security as well as some human-engineering related security issues.

In this first entry, I would like to discuss the basic case for secure email and how it not only protects you, but also your clients, employees and family.  It’s not just the laws and regulations that prompted me to get into the secure mail business back in 2002.  Initially, it was simply out of concern to protect my employees’ personal data from the ever-present danger of being intercepted, when I sent their personal data to my payroll service.  (Imagine what a data thief could do with your Social Security Number, full name and address!) Now the problem is compounded even further, as emails are now the primary vehicle for exchanging information – over 100 billion emails are sent every day!  (Check out “The Case for Secure Email,” which details the laws and regulations as they relate to specific industries regarding secure email.)

The challenge, regardless of the legal requirements for email encryption, is probably better viewed as how you’re going to protect your own personal data, as well as the data of your clients and employees.  (Besides an integrity issue, your clients and employees would be upset knowing that you might be the cause of their confidential data being compromised … To say the least!)

 

THE CASE FOR SECURE EMAIL by Peter J. Schaub

Capture

There are a number of really good solutions that easily protect your information; simply saving encrypted in MS Word or Excel, for example (for Microsoft Word or Excel, simply select “Save As,” then select “Tools,” then select “General Options,” the system will then request a password to save and open your document.)  Additionally, most document formats have a similar process for you to encrypt your documents.  This is a good solution for a very occasional encryption process, as taking the next step, informing the recipient of the email of the password to open your documents, is necessary.

There are many solutions to further provide security for your emails: from PGP-based certificates that you apply to your individual computer, to cloud-based solutions, as well as appliance-based (a computer that is hosted in your computer network that evaluates each email that is sent out to determine if the email has data that needs to be encrypted) that provides security for companies that have the requirement for high-volume secure emails (like large mortgage companies or large banks).

Regardless of the solution you select to protect your emails, keep this in mind:

  1. Security is a process, not a product. Once you have selected a tool to protect your emails, you need to determine the rules and processes of what needs to be sent out encrypted … And then do it!
  2. Require your vendors, banks, mortgage company, (and anyone else that has access to your confidential data) to use secure email when communicating with you!
Thank you for reading my first blog entry. If you would like to read all of my entries, please visit Musings from the President.

 

Peter J. Schaub
NeoCertified – President & CEO