In a recent interview, Gartner vice president and distinguished analyst Paul Proctor predicted that “the new digital risk concept will become the default approach for technology risk management,” and cited an organization’s ability to keep its data safe – particularly with respect to the security of its business documents – as a critical core capability. While most organizations are well aware of the importance of network security, many are unfamiliar with the risks associated with electronic transmission of sensitive information and associated protocols around business document protection.
The transfer of electronic documents containing sensitive information – both internally and externally – happens within organizations across industries countless times each and every day. And as these files exchange hands, it’s critically important to have electronic document management protocols in place to protect confidential files.
While most organizations are familiar with the concept of email encryption generally, many aren’t leveraging encryption software to send sensitive files because it’s just too complicated. Most solutions require that the sender and recipient have the same software installed. While this type of solution can be sufficient for internal communication where the IT department purchases and installs it organization-wide, the significant limitation lies in the inability to transmit electronic documents securely to outside parties, including customers, vendors, partners and more.
Document control outside of the organization is significantly trickier. While password protection protocols keep the network secure and email encryption software preserves the security of electronic transmission of documents within the organization, once the document has been sent outside the building all bets are off.
In highly regulated industries – like financial services and health care – regulatory requirements mandate that appropriate security measures are in place to protect personal privacy. However, in less regulated industries – like retail, hospitality and higher education – sensitive information flies around unsecured for three reasons.
First, there’s a general lack of awareness around the degree of risk associated with electronic document transfer. This is because – at an individual level – the risk of breach is presumed to be low, and the convenience of receiving documents via email outweighs this perceived risk.
Second, it seems complicated to implement secure document delivery capabilities that extend beyond the walls of the organization. This is because it’s exceedingly challenging to convince outside parties to download the software required to safely receive your transmission.
And third, organizations don’t realize the risks associated with transmitting seemingly innocuous files that contain sensitive – albeit not technically “confidential” – information. This would include things like electronic receipts containing personally identifiable information.
From a customer’s point of view, the convenience of receiving receipts, applications, records and more is of significant value. Accordingly, organizations across industries are moving quickly to offer the service. However, to offer the sensitive document delivery without protecting customers from potential exposure is unnecessarily reckless. With cloud-based secure document delivery tools that feature password protection to access sensitive attachments but don’t require that recipients download software to receive the transmission, companies are in a great position to offer the convenience of electronic document delivery and the document protection that’s vitally important to customer-facing business processes.