So you think you know everything about email security?

Secure email & file sharing - How to prevent data leaks while communicating and sharing data digitally.

Emailing has become a staple of everyday life. In this page, we will cover a series of topics related to secure emailing best practices, as well as how to identify and avoid safety threats that cause data leaks.

Table of Contents

01

Sending personal data and sensitive information via email

02

Causes of data leaks

03

Why use secure email for data leak prevention?

04

What is two-factor authentication (2FA)?

05

Secure email solution by ZIVVER

Introduction

ZIVVER_safe-mailing_app

The convenience and speed of exchanging data via email are unparalleled. Businesses, in particular, have grown increasingly dependent on it. Nevertheless, the benefits of email come with a trade-off, information security. The vast majority of data leaks happen while emailing and file sharing. Contrary to what most people believe, the main offender is an innocent and well-intended individual who commits an error such as misspelling an email address. The topics on this page cover specific points of interest that all businesses should address, implement, and enforce to avoid data leakage related to human error during digital communications and its consequences.   

01

What to do if you need to send personal data and sensitive information via email

Read this section to discover how to properly send sensitive or personal data

rick_closeup

Rick Goud

CEO

ZIVVER_safe-mailing_app

Sending personal data and sensitive information via email

IT managers and CISOs face a serious challenge when it comes to sending sensitive information and private data via email; how to avoid it from ending up on the wrong hands? Prevention is imperative since If it happens, it could potentially put into motion a series of unfortunate events such as:

  • Data Leaks
  • Reputational damage
  • GDPR violation fines
  • Legal & Financial repercussions

Sending personal data by email is not only dangerous, and if you are an organization, it's also a violation of GDPR that can lead to severe consequences.

Personal data has become the most expensive commodity in the world, suppressing oil. Corporate giants such as Google and Facebook base their business model on it. The GDPR and other private data protection laws were put in place to protect the people from the threat of private data abuse.

 

Additionally, to give them control over their personal data, and to hold organizations that misuse it accountable. Sending personal data by email insecurely means that the information it contains it's out in the open, like a postcard. An organization that sends personal data insecurely is exposing their clients' private data, which is a GDPR violation. Thankfully, secure email platforms have been developed to protect both organizations and their clients from data privacy legislation noncompliance repercussions.

 

 

What is considered personal data?


According to the European Commission, sensitive personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together, can lead to the identification of a particular person, also constitute personal data. Create recognition by giving more insight into personal data and explain the challenges/risks of sending this data by email.

Personal data that has been de-identified, encrypted, or pseudonymized but can be used to re-identify a person remains personal data and falls within the GDPR scope. Additionally, the GDPR does not differentiate personal data, and sensitive personal data, misuse of it is treated the same way.

 

Personal data under the GDPR


Examples of personal data under GDPR:

  • a name and surname
  • a home address
  • an email address such as name.surname@company.com
  • an identification card number
  • location data (for example the location data function on a mobile phone)
  • an Internet Protocol (IP) address
  • a cookie ID
  • the advertising identifier of your phone
  • data held by a hospital or doctor, or any other organization, which could be a symbol that uniquely identifies a person

Transmitting any of the data mentioned above via regular email is a GDPR violation and can potentially lead to severe reputational and financial damage.

Organizations must have full awareness of what is personal data and how to handle it in digital communications. The ebook bellow is an excellent resource of information.

Download our ebook about awareness

02

Primary causes of data leaks

Want to know what is the primary cause for data leaks? Read on for more details.

rick_closeup

Rick Goud

CEO

ZIVVER_safe-mailing_app

Causes of data leaks

It's widely reported that over 60% of data leaks are caused by unintentional human error while communicating digitally. For IT manager/CISOs this represents a serious challenge such as; How to monitor the staff email activities? How to train employees on safety best practices? How to efficiently avoid human error from happening?

The leading causes of data leaks are:

  • Misaddressed emails
  • Disclosure of information to the wrong person upon request
  • Adding recipients to the CC field instead of the BCC field
  • Loss of storage hardware
  • Hackers, phishing, and malware

Human error is by far the primary cause of data leaks. Prevention is imperative!


All it takes is one mistake by an employee to put into motion the consequences related to data leaks. It's impossible to stop humans from committing errors; however, preventing them is.

Data leaks are one of the biggest nightmares of any IT security professional. The repercussions can be so severe that it might even bring down a business. Regardless of the amount of IT security an organization has in place, the weakest link when it comes to data safety is your employees' activities during digital communication. In this page, we will cover the types of mistakes that cause data leaks. The benefits of implementing a secure email system, its impact in private/sensitive data security, as well as how it solves data security concerns of IT security officers.

 

What is a data leak?


A data leak happens from within an organization and results in sensitive/private information landing in the hands that they don't belong. It is estimated that over 60% of all data leaks reported were caused by human error. Therefore, prevention is paramount. Considering that data protection laws are being put in place around the world, with the EU leading the way with the GDPR and it's strict data protection rules.

 

Consequences of data leaks


The consequences of data leaks depend on several variables. How did the leak happen? The severity of it and its nature. How quickly was the Data protection authority informed, as well as the individuals affected? The first consequence and often the most damaging is reputational. Then comes the GDPR infringement consequences, which can vary from a simple warning to hefty fines that go all the way to 4% of an organization global revenue. For example, in July 2018, the airline British Airways was fined EUR 205 million for not appropriately protecting the personal information of its customers.

 

How to prevent data leaks


It is widely reported that the vast majority of data leaks are due to unintentional human error during digital communication. To avoid data leaks, it's necessary to address the root of the problem, the workforce. Secure email platforms have been proven to prevent data leaks up to 90%, and in many cases completely eradicate it.

Are you curious about how securely your organization is handling the sensitive/private data of your customers? Download the checklist below to find out.

Download our GDPR checklist

Download this page as a PDF: Secure email & file sharing

Lady emailing secure
03

Using secure email to prevent data leaks

One of the best methods to prevent data leaks is to ensure you are using a secure email platform.

rick_closeup

Rick Goud

CEO

ZIVVER_safe-mailing_app

Why use secure email for data leak prevention?

Secure email platforms are the best solution for data leak prevention due to human error. It employs strong encryption and two-factor authentication to decrypt messages. It monitors in real-time the recipients and content of the email and alerts if security issues arise. It also allows for email retracting in case an error is detected after sending the email. Besides data leak prevention, secure email platforms educate employees regarding data protection best practices. It reduces incidents up to 90% or even totally eradicating it, a welcoming statistic to IT professionals. Additionally, it keeps your organization out of the GDPR radar.

 

The importance of data leak prevention


Private/sensitive data security has never been such a hot topic. Data Protection authorities around the world are rolling out strict rules with the EU leading the way with the GDPR. Besides unrecoverable image damage, the fines are astronomical and can reach up to 4% of an organization global revenue. Secure email solutions are the first line of defense for data leak prevention due to human error; in many cases, completely eradicating the threat.

 

Complying with standards and legislation


Secure email is a must for all organizations that transmit private/sensitive data under the GDPR. Noncompliance can result in bankruptcy in the worst-case scenario. Besides, peace of mind is priceless, and so is your organization's reputation. Secure email provides just that: a worry-free environment to send and receive emails securely without violating personal data laws.

Secure email is an organizations' lifesaver when it comes to data leak prevention. Download our productsheet below to learn more.

Download our productsheet

The purpose of email encryption

Email encryption is an essential part of email security. There are several forms of encryption, and they all have the same goal: To ensure that only the sender and recipient have access to the message sent. The email recipient must have a form of "key" to be able to decrypt the message received.

Email encryption is the most common form of email security used by several email service providers. There are different forms of encryption, some more secure than others. It raises the question; what is the safest form of encryption, and how does it work? The answer is asymmetrical encryption, which is used in selective secure email platforms. In the following, we will explain how it works and why your organization should use this type of encryption when transmitting private/sensitive data.

 

What is asymmetrical email encryption?


Asymmetric email encryption uses two keys to encrypt a message. Secret keys are exchanged over the internet or a vast network. It ensures that malicious individuals don't get access to the message. It is important to note that anyone with a secret key can decrypt the message, and this is why asymmetrical encryption uses two related keys to boosting security. A public key is made freely available to anyone who might want to send an email to you. The second private key is kept a secret so that only you and the recipient(s) can read the email.

Why should you use email encryption?

Picture this, you have a confidential message you want to send. However, you send it on a postcard. Everyone who handles it has access to your message. It is out in the open, and there is no way back. You could also send a confidential message in a postcard securely, in this case, you would have to encrypt it, making the message impossible to read. Only the recipient can decrypt it since he/she has the "key" to be able to make it readable. This is precisely the case with unencrypted email, once it is out there anyone who comes across it can read it.

Email encryption is a must for data privacy, without it, your message is out in the open like a postcard. Download the whitepaper below to learn more.

Download whitepaper encryption and privacy by design

What is secure file transfer?

When it comes to sending large files, most people rely on popular services such as WeTransfer or Dropbox. The problem with sending files this way is that it's unknown what happens to the data between sending and receiving it. The most secure file transfer method is through a secure email platform. It employs the same security measures used to ensure that emails arrive to the correct recipients.

We all have been there! Attempting to send a large file with pictures and videos, and our regular email client won't allow us to do it because the file is too large. We resort to free file-sharing services. The issue is that no one knows who has access to it. What if you are a financial advisor and you wish to send a large file containing confidential information to your client? Here is when secure email solutions come along to the rescue.

 

File sharing is routine for organizations in all sectors

File sharing between companies and clients is a daily part of conducting business. However, how do you send a sizeable confidential file securely? Secure email platforms allow large files to be sent as an email attachment. Since its part of the email, the same security and privacy measures, such as encryption and audit of email content and attachments. Additionally, recipients must prove their identity before accessing the file. Best of all, only the sender and recipient have access to it. The secure email platform doesn't store any private files on its servers.

 

The advantages of secure file sharing


The advantages of secure file sharing for business are unparallel and necessary for data protection; some of the benefits are:

  • Protection of attachments with encryption, password, 2FA, and custom expiration dates.
  • Application of content monitoring and data leak prevention measures for all email attachments.
  • Keeping large file traffic off of email servers.

Secure file sharing is part of our secure email solution, a must-have for any business nowadays. Download our producsheet bellow to discover more.

Download our productsheet

04

Two-factor authentication (2FA)

If you are unsure what two-factor authentication is, read on for details.

rick_closeup

Rick Goud

CEO

ZIVVER_safe-mailing_app

What is two-factor authentication (2FA)?

Two-factor authentication is a method of confirming users' identities by using a combination of two different factors: 1) something they know, and 2) something they have. For example, we use 2FA every time we withdraw money from the ATM. To access your account, you need a bank card (something you have) and your PIN code (something you now). The combination of the two factors is the most efficient way to prove someone’s' identity.

The days that a funny username and a strong password were enough to protect your identity online are long gone. Hackers and cybercriminals can access login information within minutes. Under these circumstances, a new layer of security (2FA) has been widely implemented throughout the internet. It protects both the users and services. With 2FA applied, you are always sure that you are communicating with the correct individual.

Two-factor authentication is the best solution for online platforms to prove someone's identity. It is also one of the best methods to prevent identity theft. It is advisable to enable it in all online services that support it.

 

Two-factor authentication and email


Two-factor authentication and email are perfect for each other. Regardless of what type of email service you use, most of them have the option to enable 2FA as added proof of identity measure. Email nowadays is the preferred method of communication in businesses and private lives. Your email inbox contains an immense amount of data about yourself and therefore, must be vigorously protected. 2FA goes a step further than the usual username and password login. It requires that users prove their identity with a code that is randomly generated and delivered only to the owner of the email account. Making it impossible for other individuals to access your inbox.

ZiVVER provides different forms of 2FA for your convenience and your contacts. More information on the productsheet bellow.

Download our productsheet

05

ZIVVER provides secure email solutions

ZIVVER can provide you with a secure email solution, regardless of the size of your business!

rick_closeup

Rick Goud

CEO

ZIVVER_safe-mailing_app

Secure email solution by ZIVVER

ZIVVER is a secure email platform that focuses on preventing data leaks caused by human error. ZIVVER protects businesses against the repercussions of data leaks such as reputational damages and GDPR fines. It also protects your customers against unwanted access to their private information.

Benefits of implementing ZIVVER in your organization:

  • Real-time monitoring of recipients, email, and attachments.
  • Email retraction.
  • Asymmetrical encryption.
  • 2FA for accessing emails
  • Outlook plugin
  • Web and mobile applications
  • Guest user support
  • Secure conversation starters
  • Corporate guest branding

ZIVVER secure email solution is the most comprehensive and future proof in the market. Implementation is a breeze, and the learning curve is minimal since ZIVVER integrates seamlessly to outlook, and Its web and mobile platforms resemble popular email clients.  Also, it gives you the option to customize the secure email environment according to your corporate branding. Conversation starters for guest users is another opt-in feature that allows guest users to start an email conversation in the same secure environment used by your organization.

 

ZIVVER helps your organization to achieve GDPR compliance


By implementing ZIVVER in your organization, you’ll address one of the main GDPR requirements; sensitive/private data protection. Additionally, ZIVVER is a Dutch company. The Netherlands is notorious for being a pioneer of data privacy laws. Respect to individual privacy is part of the Dutch DNA, and therefore part of ZIVVER's as well. Additionally, ZiVVER is always a step ahead by adapting its services before new legislations are put in place.

 

File sharing up to 5TB


One unique ZIVVER feature is the ability to send up to 5TB of data as an email attachment. No other service in the world offers such large file sharing capability via an email attachment. The chances are that you will never have to transmit a set of data this big. However, the old saying "never say never" applies since as time goes by, data become denser, and storage solutions increase in size accordingly. Nevertheless, the option is there, and you will never have to worry about the size of the files you wish to share. If in the future 5TB file sharing becomes part of the routine, ZIVVER will have you covered.

 

The safest method of email encryption


ZIVVER employs symmetric email encryption, which consists of two keys to encrypt a message. Secret keys are exchanged over the internet or a vast network. It ensures that malicious individuals don't get access to the message. It is important to note that anyone with a secret key can decrypt the message, and this is why asymmetrical encryption uses two related keys to boosting security. A public key is made freely available to anyone who might want to send an email to you. The second private key is kept a secret so that only you and the recipient(s) can read the email.

 

Two-factor authentication (2FA) for recipients


Every email sent via ZIVVER requires that the recipient identify themselves via two-factor authentication (2FA). This way, there will never be a doubt that the message reaches the correct individual(s). ZIVVER allows 2FA via a code sent to the recipient mobile phone, via email, or 2FA apps (such as Google authenticator).

Are you curious regarding the positive impact that the ZIVVER service can have on your organization? Check out our pricing plans.

Get started with ZIVVER today