Intermediahas been on my back telling me that businesses need to consider encrypting their email. I kept ignoring them, but finally decided to at least ASK, is encryption really that important? Take a look at this short Q&A from Intermedia’s COO Jonathan McCormick, you’ll probably learn something new, like I did.
So in essence what businesses have been doing for years is not good enough – having regular email on an email server
Email from a reputable hosting provider, or in-house with the appropriate and constantly updated security and anti-spam tools, is sufficient in most cases. Encryption adds another layer of protection to your email, beyond what is on your or your providers’ servers. It makes the email virtually unreadable as it travels across the Internet, protecting sensitive information about you or your customers. Use it when regulations require it or when you are sending sensitive information – such as social security numbers, credit card number, account numbers, dates of birth, etc.
Is this for all businesses or only some (in regulated industries or dealing with secure information) need to be concerned?
A good rule of thumb is to consider an encryption solution if you answer yes to one or more of these questions:
- Do you share confidential information about your business or customers over email – like account numbers, dates of birth, or highly sensitive internal strategy documents?
- Do you operate in a regulated industry like healthcare or financial services, or in a state with privacy regulations like Massachusetts or California? These regulations may hold you financially accountable for data leaks. Healthcare is a great example. Encryption helps medical organizations comply with HIPAA because it protects patient data from being read by unwanted parties. Policy-based encryption is especially important for such companies, because it allows businesses to set up centrally-managed rules and policies, against which the content of all outgoing emails is scanned. Such a solution helps ensure that compliance is managed automatically and behind-the-scenes and minimizes the risk of human error.
Why encrypt email? It goes from you to me and I have a password for my email. Why is this not good enough?
Email is a great way to share information, and reputable providers and good in-house set-ups can secure your system from intrusion, spam, and other issues. The question is, what happens to email once it leaves servers under your control?
It travels through multiple public and private networks and data lines between sender and recipient. When using encryption services, the sender and recipient have special decryption keys, allowing only those with clearance to read the contents of the message and its attachments. We recommend this if you are sharing important confidential information or operate in a regulated industry or geography. If you use a hosted email service like Intermedia’s, your provider should be able to switch encryption on for you with a number of options. You may want to utilize a policy-based solution that automatically scans outgoing email and applies policies based on the rules you set up. Or, you could use a user-based solution, which allows your users to determine which emails should be encrypted.