Call a Specialist Today! 800-886-5369

Trustifi White Paper


Traditional E-mail Is Not Safe

E-mail communication is the backbone of modern days business. Billion-dollar decisions are made based on information received via e-mails. It is critical that e-mail is arriving to the right person with the content the sender intended to send.

E-mails are not direct messages between the sender and the recipient. Traditional onpremise or cloud-based e-mail solutions are providing security and integrity of your message only to the point when the message leaves your email exchange.

After the e-mail has left your environment it passes through many other servers, nodes, and gateways on the way to the recipient. All these points are a potential threat to your e-mail content and integrity. Even a small vulnerability at the recipient’s end or a misconfiguration at any of the hosts the message has passed through can expose the content of the e-mail, or give an opportunity to bad actors to modify the content,
without you knowing about it.

You don’t have control over what would happen with your message if it is copied, modified, printed or stored— it is all out of your control. You as a sender can’t prevent recipients from further disseminating e-mail accesses on other devices, thus giving even more opportunity of exposure. The ability to authenticate the recipients to ensure the identity of the intended recipient is not available in a traditional e-mail
environment, therefore necessary compliance requirements that are mandatory in many industries can’t be fulfilled.

Traditional e-mail solutions are not compatible with recent changes in the privacy regulations (CCPA, LGPD) nor with other major compliance regulators (HIPAA, PII, GDPR).

Basic Email Architecture

The Trustifi Solution

To provide trackability, encryption, and email security in a single platofrm is the kind of challenge that requires a tremendous amount of resources, knowledge, and time. Trustifi’s secure e-mail architecture provides a simple yet very secure solution for all of the challenges explained above.

The e-mail message from your trusted network of on-premise or cloud-based e-mail servers travels to Trustifi’s secure virtual private cloud storage which is fully encrypted with AES-256 encryption algorithm. The encryption key is your own private key which is stored and managed by Trustifi. Now your data can not be duplicated, hacked, or modified and you can track what is happening with your message.

Trustifi sends a notification message to the recipient about the message you sent to the receiver. The recipient authenticates itself via a secure channel, encrypted by TLS 1.2 and after successful authentication, Trustifi sends your full decrypted message to the recipient. Secure, traceable, confirmed, compliant e-mail delivery: Done.

Trustifi Email Architecture

With Trustifi apps (for Outlook, Outlook 365, Gmail and Trustifi Web Portal) secure e-mail sending and receiving is the easiest to use and deploy email security platform on the market. You can track every step of your message life-cycle including, receive and read confirmation.

For increased security, you can set special attributes of your e-mails like blocking certain recipients to access, the message, set recall date and time, configure expiration date and time.

Recipients can be forced to use multifactor authentication when accessing the messages providing the highest level of confidentiality, security, and integrity of your message life-cycle.

 


California Customer Privacy Protection Act

The first American privacy act issued by the State of California becomes effective by January 1st, 2020. It is affecting both customers and businesses not only in California but anyone who has customers or business to business relations with California.

Any company must comply with the regulations who does business in California, operating for profit, collecting customers personal data and have one or more characteristics:

If they are handling customers who are defined by the law as:

The law defines what it is considered as ’’personal information”: “identifies relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household”.

For example:

The act grants certain rights (similar to EU GDPR) to customers related their personal data, the rights are the followings:

These rights must be provided to customers falling into the California ’’categorization” from January 1st, 2020 effectively. Furthermore, any business needs to be compliant with CCPA has to provide the following disclosures to the customers at or before starting the collection of personal data:

Enforcement of the Law will be carried out by the General Attorney of California and companies failing to comply with the regulation should accept penalties:

From $100 to $750 per violation or actual damages, whichever is greater. Keep in mind that with statutory damages, consumers don’t have to prove that they incurred that actual financial loss, they have only had to show that the company violated the law!

Becoming compliant with CCPA requirements challenging and requires focus and organized efforts from any company. Trustifi is voluntarily compliant with CCPA already, and its customers who use their email security platform can rest assured they are in compliance with CCPA.

Providing a secure e-mail solution is a trust-based service and Trustifi enables its customers and business partners to get a clear understanding of its privacy practices and world-class security solutions to protect the customer’s data.

 

Download the Traditional E-mail Is Not Safe White Paper (.PDF)

Download the CCPA White Paper (.PDF)