2015 was a bad year for data security—it started and ended with a series of high-profile cybersecurity attacks. No industry was spared, from health-care disasters (think of the CareFirst BlueCross BlueShield breach in May 2015) to financial organizations, from higher-education entities and federal markets to even the security industry itself (with the hacking of LastPass, a password management tool).
2016 is halfway over, but isn’t looking very great, either: the latest count from the Identity Theft Resource Center (ITRC) shows that data breaches are up 24% to date this year.
Should we be worried about the security of our information? Is there still a way to safely exchange sensitive and confidential documents and information today?
Let’s take a look at the main methods generally used for exchanging sensitive documents and data and their effectiveness when it comes to cybersecurity.
You probably already know the threats associated with this one: an email is only slightly more private than a public billboard. Yes, it’s exaggerated, but you get the point.
When you send an email, the message leaves your email provider’s server and travels all over the internet. You have no idea how many servers the message will pass through between the moment you send it and the moment the recipient actually receives it, and you don’t know who has access to those servers.
The vulnerability of emails is the main reason why you should never exchange any sensitive information with this method, such as your credit card information, Social Security number, etc.
For a message to be considered private, the message must be encrypted before it leaves the computer and remain encrypted until the recipient receives it. There are many options available on the market right now for encrypted emails. They give a higher level of security, but there’s an issue with this method, as well.
While you can encrypt your email server connection and use encryption protocols to send it over, it’s not always possible to make sure the recipient has the same set of security practices in place. In other words, you might have securely sent out your documents, but that does not mean they were delivered securely.
Not only are traditional fax machines susceptible to hackers, but they also have a big margin of human error associated with them. What if you dialed the wrong number? What if the fax machine is standing in the middle of an open office, where anyone passing by can have a look at the received documents?
Also, consider the fact that a fax is kind of like an image of a document, which means it’s very easy to forge.
Fax Over IP or Online Fax
Many of the solutions that include fax over the internet equipment offer a level of cybersecurity that companies need.
Cloud-based, online fax solutions add a level of security because of the simple fact that documents generated are stored in the cloud, which lessens the chance that a printed page could be lost, discarded, or stolen by any employees passing by the recipient’s fax machine.
The In-Person Hand-Off
When it comes to secure document exchange, it’s hard to beat the old-school in-person hand-off. It may not the most glamorous way in our digital age but there are no transmission methods that are more secure than physically placing your documents in the hand of the person you want to give those documents. You can still give it a digital touch, such as by handing them a password-encrypted USB thumb drive.
The important thing with this method is that there is no middleman, no intermediary between you and the recipient of the documents. No security breach, non-encrypted transmission method could expose your sensitive data.
What Can Companies and Individuals Do to Protect Their Information?
It’s undeniable that the security and privacy of sensitive and confidential data should be by now a board-level discussion in every organization, as companies’ security needs are constantly evolving due to increasing threats.
According to a research conducted by IBM and Ponemon Research Institute, the average total cost of data breach increased by 23% over last 2 years.
The education of all employees, as simple as it might seem, is an easy way to prevent a lot of problems. Teach your workers to not click on suspicious attachments, or help them understand the benefits of keeping their software up-to-date. Also, have a written policy of what should be sent by email and what shouldn’t.
Companies need to be prepared to employ world-class services that address threats across each aspect of their business so they can build a strong security posture that reduces costs, improves service, and manages risks.
Individuals should also take these threats into consideration and decide which is the best method for secure document exchange based on the sensitivity of the data they’re about to transmit.
The expression “better safe than sorry” take all its sense when it comes to cybersecurity!
About the Author: Sébastien Boire-Lavigne is an executive vice president and CEO at XMedius Solutions, Inc. For over 15 years, Sébastien has been a driving force at XMedius Solutions and has been instrumental in developing XMedius’ technology strategy. Among his many accomplishments, Sébastien led the development of the ground-breaking XMedius Fax-over-IP technology and cloud platforms.
His versatility, wide-ranging technical skills, and keen business acumen allow him to seamlessly bridge the technical-business divide. In addition to leading Product Development, Sébastien is also responsible for Customer Services, IT, and Information Security.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.