Most service providers, including most of the free ones such as gmail or yahoo, provide SSL encryption, leaving many people under the false impression that they are secure enough to send confidential data over email. However, SSL encryption is not enough for true security and compliance – SSL by itself provides no proof of encryption, can easily be compromised by bugs such as the Heartbleed Bug, and provides no tracking of your email which is a necessary component for some compliance requirements.
Email bounces through many servers before reaching its recipient.
Even if you are emailing a client or a partner whose office is literally next door, your email will bounce through possibly dozens of servers. Each server is a potential point of compromise, and identity thieves see these servers as a treasure trove of information. Utilizing bugs with SSL or misconfigured email clients, these criminals have the means to pour through data and use it to their advantage. You might not even know the server has been compromised, and non-encrypted emails bouncing through these servers are an easy target.
Just how many servers does my email go through?
Test for yourself, or have an IT professional run a traceroute on the path of your messages.
- Get into a CMD prompt by typing Windows-R, then type “CMD”
- Type “tracert <Webaddress>”, without the brackets. This might look like “Tracert partnersname.com”.
- Now you will see all of the servers and locations that your e-mail has bounced through in order to reach its destination.
It’s not just patient data at risk.
Consider the information you send through regular mail. Is it worthy of an envelope, or will a postcard be safe enough? Is there financial or personal information that you don’t want your mail carriers to read about? Encryption can be seen as an envelope that can’t be opened until it reaches the recipient. This is becoming more important as cyber-crime is on the rise, and for the most part, automated by bots and rogue applications. Encryption is the envelope which makes you immune to possible breaches along the path to delivery.
What else does an encryption service do for me?
A complete service for registered email and encryption is very affordable, as the market is full of competitors. If you are thinking about encryption, you can keep your price competitive by adding value in services such as
- Return Receipt – get the time that the email was legally delivered
- Avoid Passwords – use a service that provides compliant encryption without giving your recipients another password to remember
- eSign – just like Registered Postal Mail, use a service that has the ability to request an eSignature from your recipients.
- Contracts Made Simple – eSigning for contracts is 100% legally binding.
Make it easy.
Use an encryption suite which works with Outlook, or other email clients currently in use.