It doesn’t matter how many other means of communication your organization adopts, or how many people claim that email is dead: Email is still the number one way that people share information and communicate at work.
Still, there are millions of emails being sent every day that are not encrypted — meaning there are millions and millions of bytes of sensitive data potentially being exposed to prying eyes. Given how easy it is to employ email encryption, there really isn’t any excuse for not doing so, yet many businesses of all sizes still don’t take this very simple step to protect their data. Most of them use the same excuses, and none of them hold up.
“We Don’t Send Sensitive Emails”
One reason that businesses fail to encrypt emails is the false belief that there isn’t anything of value being shared via email. Perhaps sensitive data is only shared in a secure document sharing program, where employees have to log in to see it. Perhaps employees are prohibited from sending certain types of information via email. Or perhaps you falsely believe that no one is interested in what you are sending or receiving.
The truth is, there is always someone interested in what you are sending and receiving via email — and there will always be employees who make mistakes or deliberately break the rules. Even small businesses have fallen victim to sophisticated phishing attacks, in which hackers have used information gathered via intercepted or stolen emails. The bottom line is that any business email is a sensitive email, and you need to secure it as such.
“We Include a Privacy Notice in All Emails”
In a sense, privacy or confidentiality notices at the end of email messages are a lot like speed limit signs: Just because they are there and you should adhere to them, doesn’t mean you always will. Emails are misdirected all the time; getting just a single letter wrong in an email address can cause a message to go astray. Not to mention, if the email is intercepted in transit — and that can happen — the confidentiality notice means about as much to a hacker as a speed limit sign does to a bank robber driving a getaway car.
That doesn’t mean that you should not include a privacy notice at the bottom of your emails. Just understand what it really means and what it really accomplishes, and take other steps, like encryption, to protect the information contained in the message.
Still, there are millions of emails being sent every day that are not encrypted — meaning there are millions and millions of bytes of sensitive data potentially being exposed to prying eyes. Given how easy it is to employ email encryption, there really isn’t any excuse for not doing so, yet many businesses of all sizes still don’t take this very simple step to protect their data. Most of them use the same excuses, and none of them hold up.
“We Don’t Send Sensitive Emails”
One reason that businesses fail to encrypt emails is the false belief that there isn’t anything of value being shared via email. Perhaps sensitive data is only shared in a secure document sharing program, where employees have to log in to see it. Perhaps employees are prohibited from sending certain types of information via email. Or perhaps you falsely believe that no one is interested in what you are sending or receiving.
The truth is, there is always someone interested in what you are sending and receiving via email — and there will always be employees who make mistakes or deliberately break the rules. Even small businesses have fallen victim to sophisticated phishing attacks, in which hackers have used information gathered via intercepted or stolen emails. The bottom line is that any business email is a sensitive email, and you need to secure it as such.
“We Include a Privacy Notice in All Emails”
In a sense, privacy or confidentiality notices at the end of email messages are a lot like speed limit signs: Just because they are there and you should adhere to them, doesn’t mean you always will. Emails are misdirected all the time; getting just a single letter wrong in an email address can cause a message to go astray. Not to mention, if the email is intercepted in transit — and that can happen — the confidentiality notice means about as much to a hacker as a speed limit sign does to a bank robber driving a getaway car.
That doesn’t mean that you should not include a privacy notice at the bottom of your emails. Just understand what it really means and what it really accomplishes, and take other steps, like encryption, to protect the information contained in the message.
“Encryption is Complicated”
Encryption can be complicated, but it doesn’t have to be — and there are plenty of encryption solutions that work behind the email application and do not require any changes to how you send or receive messages. Many encryption services are cloud-based, SaaS solutions that allow for seamless integration; in other words, you won’t notice anything different. On the IT side, many encryption programs also offer easy-to-use key management and dashboard functions, taking the guesswork out of mail protection.
While encryption may not keep your data from being stolen or otherwise accessed by unauthorized persons, it will make it virtually impossible to read it or profit from it. Even if you think that no one could possibly care about what you are sending, or think that you aren’t sending anything protected, someone, somewhere is interested — so don’t let these myths put your data at risk.
Encryption can be complicated, but it doesn’t have to be — and there are plenty of encryption solutions that work behind the email application and do not require any changes to how you send or receive messages. Many encryption services are cloud-based, SaaS solutions that allow for seamless integration; in other words, you won’t notice anything different. On the IT side, many encryption programs also offer easy-to-use key management and dashboard functions, taking the guesswork out of mail protection.
While encryption may not keep your data from being stolen or otherwise accessed by unauthorized persons, it will make it virtually impossible to read it or profit from it. Even if you think that no one could possibly care about what you are sending, or think that you aren’t sending anything protected, someone, somewhere is interested — so don’t let these myths put your data at risk.