Controlling access in shared mailboxes
Across all industries, and in businesses large and small, teams use shared mailboxes to streamline communication and make staff more efficient.
Take one example, where personal assistants have access to managers’ inboxes in order to book appointments, organise workflows, contact stakeholders and generally run a tight ship to keep day-to-day processes operating smoothly. Elsewhere, a joint mailbox might provide a single point of access for a number of staff working as part of the same team or on the same project. In these and many other circumstances, having access to a shared mailbox is a significant requirement for being effective.
But there’s a problem.
Let’s use a law firm as an example but remember that this issue of access in joint mailboxes is widespread.
Most law firms will work in the same way: lawyers have one or more legal secretaries who have full access to their mailbox. As you can imagine, lawyers deal with vast amounts of confidential information and have often given their secretaries full access to all email, including highly sensitive content that should only be viewed by authorised recipients. For example, partner-to-partner email correspondence could contain information about current cases, relate directly individuals in the firm, comment on staff and business performance, or feature a wide array of HR topics. Giving this information a wider audience than it requires could be incredibly damaging, risking data breaches and potentially infringing on EU GDPR requirements.
Email encryption in shared mailboxes
To continue with our legal example, partners or senior lawyers will therefore frequently need a way to communicate securely to each other, restricting the access to legal secretaries to only content they are authorised to view.
Message-level encryption is a way to control access in shared mailboxes, ensuring only authorised people can access sensitive content. This works because you authenticate access to the content against individual email addresses. For example, an encrypted email is sent to firstname.lastname@example.org. Authentication with the encryption key will only occur against that specific email address, so when the shared mailbox is accessed by email@example.com, it is impossible for them to decrypt the message. The message will sit encrypted within the mailbox until it is decrypted using the authenticated email address and will re-encrypt once they navigate away.
You can quickly see how message-level encryption can promote the productivity and benefits of shared mailboxes, while also preventing people from seeing all content.
It’s vital you avoid the user pushback that legacy data security tools have received from users who just need a way to send and receive email securely, without having to manage certificates, configure S/MIME or PGP, or supply keys. None of these would help secure email in shared mailboxes effectively and efficiently anyway.
Message-level encryption that’s integrated into Outlook, Office 365 and G Suite doesn’t require additional work for either senders or recipients; there’s no certificate signing or key exchanging to wrestle with. What you get, though, is assurance over data privacy and integrity with full control over exactly who has access to your highly sensitive unstructured data, whether it’s contracts, financial information or HR investigations. Message-level encryption provides this assurance whilst enabling assistants and teammates to work effectively. It’s a recipe for security, productivity and compliance, just as the stakes are getting even higher.