Organisations pass data back and forth with their clients every day, with sensitive or personal data being sent over “standard” email or via email with password protected files attached; email security comes second to the urgency of the message.
What does GDPR say about email security?
“Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.”
The ICO have a section on their website dedicated to recommendations and best practice for email security, here.
From accidental deletion, breach or erroneous send, the owner of that email is responsible for ensuring it arrives with the recipient safely and the contents are protected. In addition, when the email is “at rest” on both sender and recipient’s server, it also requires protection.
GDPR is making us all have really a good look at what is sent via email and how safe it really is. Email security is usually overlooked in our haste to deliver a message quickly. There have been stories at the ICO and in the press where emails have been sent to the wrong recipient in error, of emails being read by someone other than the recipient (by accessing their computing device) and of emails being intercepted during send, the sender name changed subtly and recipients responding to a false email address with personal or financial data.
What can be done to secure your email communications?
If you send personal or sensitive information over the internet, you need to ensure it is encrypted whilst in transit and at rest on the server. You need to be able to audit the send/receipt/open process and you need to be able to revoke access to an email sent in error so that an unintended recipient cannot read an email or open an attachment that was not meant for them.
ISO27001 accredited company, SSLPost, have a GDPR compliant solution that does all these things and more. Files, documents and data can be sent securely using our Secure File Transfer solution. All you need is a computing device with access to the internet; there is no software to download or complicated instructions to follow.
SSLPost offer two options; a secure, encrypted email facility and/or a secure encrypted portal facility.
You will find details of the solution here and specifically, towards the bottom of the page where “options” are outlined that include simple, secure email. There are also a couple of videos to watch.
Secure file transfer solutions start at £20 per user per annum with no restriction on the number of times it is used or the size of files transferred.
If you need any further information about email security or would like to engage with our secure file transfer specialist, please contact us and we will be happy to explain the solution in more detail.