managing your practice
| By Patti Dock
SECURITY
How to Secure Your Online Communications
Avoid identity theft and fraud by securing communications with your clients and partners.
Advisors regularly communicate
with their clients and partners
via email. If that communication includes private information that
isn’t protected, identity theft or fraud
can leave them in a crisis mode, with
costly brand repair work.
And it’s not just email. Agencies also
share data over the internet through
automated business processes. If your
company institutes a business process
to send an applicant’s personal data
over the internet, have you made sure
that the information is shared securely?
Does it adhere to confidentiality and
privacy mandates?
encryption/secure messaging solution,
email notice and link is delivered from
the sender’s address so that there is no
doubt as to who sent the email. The
link or URL the customer must click
to access the message is a secure link.
The customer can verify this by looking
for an “https” prefix in the URL. Once
the link is clicked, browsers such as
Internet Explorer 7.0 and Firefox 3.0
display a green address bar and a security padlock to indicate that the user’s
connection to the website is encrypted.
What you need to do
Email was designed for the rapid flow
of information without considering accountability and security. So before you
use the internet as a secure communication or data-transfer tool for workflow
automation, ask yourself these questions:
Are we communicating securely with our
customers? Do we offer end-to-end message security, encryption and the ability to
send very large documents securely?
Do you offer end-to-end message
security, encryption and the ability to
send large documents securely?
Here are three things to consider:
■
Use secure encryption. If you communicate regularly with your customers through email, they should have no
doubt about the identity of the sender,
i.e., you. It must be clear that your
email is valid and that opening and
responding to it is safe.
Look for a solution that is easy to
use, provides robust encryption and
guaranteed delivery that ensures the
integrity of your information so that
you can be certain your data won’t
be hacked. This way, your business
partners can trust the source of the
data, and your customers are more
likely to open your emails, increasing your response rate. With a secure
■
Secure external workflow processes.
Once data leaves your company
network, you lose control over it. So
the time to protect it is before it exits.
Find a solution that plugs into existing
business processes to provide protection. Your outside partners, such as
health-care providers, tax analysts,
CPAs, etc., may use disparate systems,
which makes securing email communications difficult. Choose a solution
that enables secure communication
without email platform dependency.
tutions have to deal with the private
information of individuals. Nevada
and Massachusetts are implementing
tougher state standards describing
the steps that businesses must take in
order to prevent data breaches from
occurring in the first place. Nevada’s
encryption law is the first in the nation
and went into effect Oct. 1, 2008.
Massachusetts is set to follow with
a more detailed set of regulations in
May. Michigan and Washington are
in the process of considering similar
measures.
■
Follow industry and government
mandates. Do you have auditing,
reporting and tracking capabilities to
meet compliance mandates? Legislators are aware of email limitations and
have passed regulations ensuring the
privacy, audit and tracking of personal
information. There are federal regulations such as HIPAA, which mandates
the use of standards for the electronic
exchange of health-care data, and
the Gramm-Leach-Bliley Act, which
mandates the ways that financial insti-
Look for a solution that fits into
your existing infrastructure and provides proof that mandates are being
met. Partner with a vendor who can
help secure and streamline business
processes and the sharing of data
between organizations.
Patti Dock is executive vice president of
DataMotion Inc., a secure business communications company, in Morristown. N.J.
Contact her at 800-672-7233.
