By Mark Schertler, Chief Security Architect, Axway
Email has been around for decades, yet we still don’t see large-scale use of the email security standards from organizations like the IETF. We still don’t have widespread usage of digital signatures even though the infrastructure is in place to support it. All in all there’s no ubiquitous, easy-to-use way to truly secure email messages and attachments.
Mr. Ouellet is right: People are sending more and more sensitive data. They’re sending it completely unsecured via email, and no matter who is exchanging such emails, this behavior must change.
It’s time we considered solutions outside of the traditional email channel – solutions that offload files and send them through a secondary channel that is easy to secure. In this scenario, email serves as a notification of the existence of a message or file, rather than carrying the message or file itself. Think of how, in the physical world, a courier leaves a sticky note for important packages on your door, rather than the actual package.
And since everything is going mobile now, we must also consider web-based solutions that enable you to attach an encrypted piece of sensitive data to a message – it may still feel like a casual, unsecured emailing experience, but it isn’t, since the recipient must be verified before the sensitive data can be downloaded.
The good news is that these solutions already exist, and they work not only for enterprise email, but across all of the mobile devices currently in use – smartphones, tablets and more.
Axway solutions deliver the ability to send files via a secure, easy-to-audit, easy-to-monitor channel that guarantees all security and compliance requirements are met – the email serves merely as a herald, not the vehicle. Axway also offers web-based interfaces that make it easy for you to use mobile devices to safely and securely upload files, so peace-of-mind never has to be a luxury relegated to fixed locations.
Traditional email is challenging to secure, and after decades of trying, the best solution is to get real about email and let it do what it does best — relay non-sensitive information. Let’s have a more fortified system handle the delivery of the sensitive payload, just as armored trucks — not postal workers — handle deliveries to banks.