If you’ve been paying attention to the news in recent weeks, you’ve been hearing about high-profile email hacks. Individuals or state actors have stolen and begun releasing the contents of a certain presidential campaign’s emails to the press.
Now, setting aside any political elements to these recent stories, the technical side of them should be downright terrifying to businesses and individuals who send sensitive information over email. These stories remind us how insecure email really is.
Why Email Is Insecure
Imagine sending a letter via snail mail without an envelope. The individuals at every point between your mailbox and your recipient’s could, if they chose, read its contents. Sound scary? That’s pretty much what you’re doing with your emails. If you’re sending emails to individuals on different domains, your emails are passing through numerous servers all over the world before they get to your inbox. And, at every point, individuals with know-how could, if they chose to, read the contents of those emails.
Email Encryption Is Your Best Defense
So, what’s the solution? Email isn’t going away anytime soon, so businesses who want to safeguard customer information, trade secrets, and other confidential correspondence need to implement email encryption.
Email encryption makes it virtually impossible for anyone except the sender and the intended recipient to view the contents of an email message. And, thankfully, there are numerous options available on the market for email encryption.
Most solutions allow the sender of an email to determine, before sending it, whether or not they would like to encrypt the message. The best ones, though, also enable businesses to implement policies for encryption.
Solutions like ZixGateway, which Affinity offers as a hosted service, scan all outgoing messages for certain kinds of information (social security numbers, financial account numbers, health information, etc.) and automatically encrypt any email messages that contain them. Policy-based email encryption is essential for organizations who have to maintain compliance with regulations, such as medical practices (HIPAA) and financial services institutions (SEC/GLBA and FINRA).
Really, though, email encryption is a necessary tool for any business or organization that values the privacy of its members’ and customers’ data and the security of its internal data assets. According to a study by IBM and the Ponemon Institute, the average cost of a data breach in 2016 is $4 million, or $158 per confidential record stolen (that goes up to $363 in the healthcare industry). Even for small businesses, those numbers could add up fast. Safeguards like email encryption, then, are absolutely essential for preventing catastrophic losses.
The recent reports of email hacks won’t be the last that we hear. Make sure your business doesn’t end up in the headlines for the wrong reasons. Contact us today for more information about implementing email encryption.