Over the past several decades, organizations across industries have spent countless dollars on information security awareness training, the rationale being that investment in people – their biggest asset – will translate into stronger security protocols and better compliance among staffers. However, successfully changing behavior entails far more than training, and it all hinges on systemizing security.
In 2015 we’re going to witness a significant shift from merely promoting awareness to creating solutions and building them into the way that organizations do business. Currently an organization’s biggest risk factor with respect to data security is its people – and solutions and processes will evolve to address this issue.
The problem with data security solutions generally is that they’re complicated to use and easy to bypass on an individual employee level. And, with respect to email security, the level of risk is perceived as minimal. Read more ›
It’s that time of year when email inboxes are flooded with messages from scores of retailers looking to capture sales during the critical holiday shopping season. Consumers are overwhelmed with both the volume of email and the intricacies of the glut of different offers to sort through. And then there are the receipts for the items that have been purchased along with shipping documentation and other correspondence.
With all of the clutter in the inbox from recognizable, friendly brands, even the most vigilant email users can fall prey to fraud. Sophisticated phishing scams trade on brand familiarity, and if a customer has browsed a brand’s website or made a recent purchase, a fraudulent email seemingly sent by that retailer won’t seem out of the ordinary. The open rates for transactional emails hover at around 40% – about twice the rate for marketing emails. And, because these emails are expected and opened at substantially higher rates, fraud perpetrators frequently use a mocked up transactional email to hook their phish. When an email user receives the fraudulent transactional email, opens it, and clicks on a link or provides “verification” around transactional details, the damage is done. Read more ›
There are two schools of thought on IT security training. There are those that believe that training employees on IT security risks and protocols is a worthwhile expenditure and there are those who think it’s a waste of time and dollars. Most organizations, however, fall somewhere in the middle – the question isn’t a matter of training or no training but rather how much and what kind of training is necessary.
In some industries – like health care and financial services – training requirements are subject to regulatory compliance mandates. For those industries exempt from these requirements, it’s up to the organization to determine what level and kind of training is appropriate and how much and where they’re willing to spend. Read more ›
Within most organizations, the nuts and bolts around email security flies under the radar screen – nobody outside the IT group thinks about it until there’s a problem. While most folks are aware of the risks associated with unsecure email, it’s unfortunately generally perceived that these risks are minimal enough to throw caution to the wind. However, when an actual breach does occur, the damage can be devastating. What are the top three threats around email security that keep email experts up at night?
Employee error is the number one cause of email security breach, and it’s hardly surprising since mistakes happen all the time. It can be as simple as sending an email containing sensitive personal information to the wrong person – and just about everyone with an email account has either sent or received an email intended for another recipient at one time or another. Read more ›
Most people discover that their email account has been hacked well after the fact. While it’s embarrassing to field calls, text messages and emails from well-intentioned friends expressing concern that you are stranded in Nigeria and in desperate need of $500, embarrassment is only the tip of the iceberg. Hackers can change your passwords so you can no longer access your accounts or retrieve your messages, and they can delete your contacts and correspondence.
Once you become aware that your email account has been hacked, the protocols around damage control are straightforward and critically important. Read more ›
Tagged with: best secure email
, hipaa compliant email
, how to send a secure email
, how to send secure email
, secure email providers
, secure email server
, secure email service
, secure file transfer
, send secure email
, sensitive information
Posted in Data Security
, Personally Identifiable Information
Lots of financial services organizations have secure document delivery solutions in place – but are their employees actually using them? For most organizations, the answer is “most of the time.”
Because email is an essential business tool that can significantly improve productivity and collaboration, employees use it all day long. And, because employees are under pressure to work quickly and efficiently, they may be tempted to circumvent secure document delivery protocols and email sensitive information that they know should be sent securely.
While their intent isn’t malicious, it is neglectful. And when a breach occurs, it really doesn’t matter if the intent was purposeful or accidental – the damage is the same. Read more ›
When you make a purchase in a retail store, it’s highly likely that the sales associate will offer you the option to receive an electronic receipt via email. For many shoppers, e-receipts provide a convenient, paperless way to store and keep track of expenditures and transactions. And for retailers, e-receipts provide a new and valuable touch point to reach customers with highly targeted offers.
Why are e-receipts such an effective marketing tool? Because people open emails containing transactional data at far higher rates than other types of email communication. How much higher? According to a recent study published by MarketingSherpa, email marketing open rates average around 18.9%. By contrast, open rates for transactional emails deliver a 40% open rate – in excess of double the average.
Because transactional emails are opened at such high rates, they provide a great opportunity to present personalized, timely offers based on what the customer just purchased. For instance, if a customer has recently purchased bath towels, a special discount offer on matching hand towels delivered with the e-receipt is both timely and personalized from the customer’s point of view. Read more ›
With the recent JPMorgan Chase breach affecting an estimated two out of every three households in the U.S., hacking has officially gone mainstream. Reports revealed that data thieves made off with account holders’ names, home addresses, phone numbers and email addresses, and it’s important to note that the risk extends beyond active accounts. In fact, anyone who has logged on to any of the JPMorgan Chase websites or apps is potentially at risk.
Privacy protection experts believe that the biggest risk associated with the breach is that the hackers will successfully draw out more sensitive personal information from affected consumers. And, it’s also possible that the thieves can sell the data to others who can enrich it with publically available online information to create fully-fleshed personal profiles ripe for identity theft. Read more ›
What happens when malicious individuals get ahold of your Medicare information? They sell it and make a bundle – in fact, your medical information is worth 10 times more than your credit card number on the black market. Medicare fraud perpetrators collect a treasure trove of personal data including names, birth dates, policy numbers, and diagnosis and billing information. Then they turn around and swipe IDs to buy medical equipment and pharmaceuticals that can be resold.
When your credit card is stolen, you know it right away because either your bank alerts you, you discover your card is missing, or mysterious charges show up on your statement. By contrast, when a fraud perpetrator captures your Medicare number in concert with your personal information, they can milk it for an extended period of time without detection because you’re unlikely to discover that anything is amiss until Medicare discovers the fraudulent activity and contacts you to investigate. Read more ›
The benefits of EHR (electronic health records) are undeniable and significant. According to a recent ONC (Office of the National Health Coordinator) presentation at Health IT Week, health providers that implement the principles of meaningful use – including computerized order entry and electronic documentation – report substantially fewer patient safety events and a 52% reduction in adverse pharmaceutical events.
A recent physician workflow survey found that nearly 70% of physicians reported that lab alerts and medication reminders were helpful tools to prevent accidental harm to patients with respect to their prescriptions, with 45% reporting that an EHR feature had alerted them to a potentially hazardous pharmaceutical error. For physicians using an EHR system, 51% reported a positive opinion on EHR alerts and 39% reported that electronic medical records improved clinical communication and care quality. Read more ›