E-mail encryption now with tokenless two-factor authentication

Johannesburg, 25 Nov 2009
Read time 2min 20sec

As more business services move into the cloud and e-mail becomes increasingly easy to access from anywhere, there is growing legislation governing business-related e-mail communications and the need for a secure communication channel.

Hennie Moolman, Managing Director of network security expert, AfricaSD, highlights current South African legislation and suggests an easy to way meet both existing and future legal requirements.

As e-mail becomes increasingly easy to access anywhere in the world and businesses become increasingly dependant on e-mail for a competitive advantage, companies have to address the potential security threat posed by such an environment.

While much of South Africa's digital communication and security is governed by common law, there is existing legislation that requires certain e-mailed documents - such as credit notes and invoices - to be encrypted, secure yet accessible to recipients, auditors and authorities.

SARS dictates that all tax invoices, debit and credit notes be transmitted with at least 128-bit encryption, and the Electronic Communication and Transaction Act 25 of 2002 and Financial Intelligence Centre Act 38 of 2001 (FICA) have brought local electronic communication more in line with international best practices.

In fact, many South African companies are eager to pre-empt impending legislation and implement tighter security measures because it makes sense to protect sensitive commercial documents and data, but anticipating the necessary requirements, such as a Public Key Infrastructure (PKI) or digital signature system, and still being able to take advantage of cloud-based e-mail communications can be challenging and prohibitively costly for many small-to-medium organisations to consider.

Nonetheless, a simple and cost-effective way for businesses to secure their e-mail communications is through two-factor authentication security offerings. Two-factor authentication requires the recipient of a message to access it via two channels, such as combining an e-mail URL address with login details forwarded to the recipient's cellphone.

This approach allows organisations to protect their confidential and sensitive company communications, both internally and with customers, in a way that does not require costly network infrastructure overhauls.

While there are a number of two-factor security options available, clients should look at those that meet the minimum requirements for secure communication and are easy to deploy. The options should be easily compatible with industry-standard e-mail clients, such as Outlook, and require no installation or changes from the customer's side.

Such an approach also allows businesses to avoid the delays associated with forcing a new partner or customer to integrate additional security measures on their side and to start trading and dealing immediately and securely.


Operating throughout the sub-Saharan region, AfricaSD provides organisations with a comprehensive network security service that includes security investigations, audits and threat analyses, as well as configurations and deployments.

AfricaSD supplies and supports a comprehensive range of market-leading products, covering every aspect of network security from anti-virus, authentication, content filtering, encryption, biometrics, firewalls and intrusion detection/prevention to unified threat management and wireless and mobile security.

AfricaSD also offers customers and reseller partners 24x7x365 support on all of its network security solutions. As one of the country's foremost security training and certification centres, the company's technical staff are all fully certified and trained on the entire product range and offer a convenient combination of one-to-one help and a wealth of technological resources.

AfricaSD offers its partners the very best products, training, support, leads and free product certifications. It is committed to keeping partners empowered and up-to-date with the latest relevant information and practices by making available, on an ongoing basis, a network of local and international third-party specialists and leaders.

For further information, visit the company's Web site or contact AfricaSD directly on +27(0)86-111-1737 or +27(0)12-665-2513.

Login with