Securing Email

Email applications are the backbone of communications and data exchange for enterprise employees. File transfers commonly occur through email attachments. Multiple conversations to multiple parties also commonly occur. Unfortunately, when using email systems, data sits in the open or in the clear on the sending and receiving email servers and ultimately on the recipient’s endpoint device(s) adding to the threat of data security or loss.

Enterprises have a few options that are rarely adopted either leaving them to deploy more exotic Data Loss Prevention (DLP) solutions or “hoping” emails are kept safe. An email protection option on some platforms is asymmetrical (private/pubic) encryption. For example, PGP (Pretty Good Privacy) email servers first require the exchange of public keys between two parties. This exchange of keys must be done every time an email is intended for a new recipient. Of course, the sender must have already created his/her private key to perform the encryption. Other email servers are similar in that you must have a “signing certificate” to prove who you are and exchange an “encryption certificate” with the intended recipient. The process of securing emails is tedious at best and many corporate users have never used them nor to do they take the approach of encrypting or password protecting attached files. That said, those who do, the sender must provide the password to the recipient. Everyone admits they either place the password in the same email as the attached file or just send it in the open on a second email. Both have obvious consequences. As a result, Data Loss Prevention (DLP) processes are having a resurgence but they interrupt the sending of “sensitive content” requiring the sender to respond to a DLP to approve sending the email. To secure emails, the process must be transparent to the users, does not disrupt workflows and once the email lands the email servers or the endpoint device, it must remain secure in case that devices are compromised in the future.

Bonafeyed’s approach to “data security” focuses on the data itself and not the system, protocol or operating environment. Cy4Secure is Bonafeyed’s answer to safeguarding data no matter the data type or size, the endpoint’s mobility, or the application. Anytime data is shared, Cy4Secure quickly and transparently steps in, encrypts the data using dynamically generated keys and then passes the

secured data back to the hosting system to be forwarded off to the recipient(s). In an email, for example, the subject, body of the email, and any attachments can be encrypted. The recipient’s addresses are conveniently used as the collective access group for the protected data. Only those addressed in the email can access the secured data. When Cy4Secure protected data is lost, stolen, abandoned or forgotten, it remains secure and becomes permanently inaccessible once access is removed or retired ensuring cybercriminals or non-authorized users only obtain unintelligible data.