Several high-profile e-mail breaches, including the Edward Snowden, Sony Hack and Hillary Clinton, have brought e-mail security into focus for both businesses and end users.
According to the 2016 Cost of Data Breach Study: Global Analysis, Ponemon Institute, in South Africa, the estimated cost of an information security breach is R28.6 million, or R1 548 per compromised record.
So says Dr Aleksandar Valjarevic, professional services consultant at LAWtrust, who will be speaking on 'E-mail encryption challenges - how to achieve security and POPI compliance' at the ITWeb Security Summit 2017, to be held from 15 to 19 May, at Vodaworld in Midrand.
"Securing your e-mails isn't just a best practice - it's the law. Compliance with regulations is a priority for any business, but in particular for government, healthcare and financial services organisations, who must remain compliant with regulatory mandates such as Protection of Personal Information (POPI) Act."
He says there is a great deal more at stake than the risk of regulatory penalties, such as customer trust and company integrity. "If a company suffers an information security breach and records are compromised, the trust that has taken years to foster can be lost in seconds. Earning it back is much more difficult and expensive than protecting it."
Valjarevic says e-mail is an excellent business communication tool. The Email Statistics Report, 2015-2019, by The Radicati Group, revealed that an estimated 42 trillion business e-mails are sent annually, illustrating that e-mail is the still most important business communication tool today.
He says simplicity of use of e-mail is one of the reasons many employees and companies overlook the risks of an unsecured e-mail. "On the other hand, business processes and business reputation depend on e-mail functionality and security. E-mail empowers you, but also puts you at risk."
According to him, compliance requirements and compromised corporate information are real concern. "E-mail is target rich environment and is used often to exchange confidential, sensitive and private data. In combination with the fact that e-mail technology has no built-in security, it represents an attractive target for malicious hackers, disloyal staff and competitors."
By using e-mail encryption to secure sensitive, confidential and private information in e-mail, Valjarevic says companies not only enhance trust with customers and business partners, but also protect their business against the costs of revenue loss, reputational damages and liability associated with a breach.
During his presentation, Valjarevic will discuss the importance of e-mail encryption, what to consider when selecting an e-mail encryption solution, and what the requirements for a good solution are.
Different solutions for e-mail encryption have been around for quite some time, but survey results show that most solutions are too complex for employees to use easily and consistently. As a result, frustration goes up, compliance plummets and the whole "solution" becomes yet another problem to manage.
Further there are issues with ease of integration, configuration and management. This very often increases complexity to already complex business IT systems. In turn, that leads to need for more IT resources and increasing costs, making it difficult to adopt e-mail encryption solutions.
Another important part of the convenience equation is mobility, which must be considered. Users want access to the service anywhere, anytime and they will not compromise on it.
If the solution is not convenient as per above mentioned features, it will hardly be effective.
Share