Thought leadership

Encryption and authentication don’t need to be painful! Here’s how.

by Fahim Afghan
Published on 29th Sep 2021
Encryption Authentication 1440X253

I had the pleasure of being at an in-person event recently.

Aside from the joy it brought me to simply see people for the three-dimensional beings they are, it was of course incredible to connect with the Information Security community once more.

Interestingly, a topic came up in quite a few of my conversations with fellow delegates. And it was one that I wasn’t expecting: encryption. It was often amiable, but on a couple of occasions eyes would roll.

People just find it too hard to use,” commented an attendee, referring to their employees. Now, this is definitely something I hear a lot.

What’s the problem with encryption?

At the conference, a comment from an IT Director at a commercial bank really caught my attention:

The people we collaborate with – customers, brokers, etc – just don’t like the way they have to authenticate with encrypted emails. I’ve even had commercial folk in our business worried that encryption is going to cost us clients!”

Recipient authentication has long been a source of cynicism for organisations who approach us, especially in the professional services world of law, financial services, and consulting. Their customers simply don’t want the friction of having to go through a registration and login process to access an email.

It’s painful and, worse, it reflects badly on your brand!

I completely get that. I recall speaking with a financial services firm not long ago whose brokers felt deterred from pushing prospective customers their way due to what they saw as a painful encryption and authentication experience.

Encryption can be easy

We’ve always believed that it’s important to make encryption easy for both senders and their guest recipients. That’s why we recently developed a unique technology called one-click access, which allows users to encrypt their email but, importantly, also allows the recipient to seamlessly access the email via a one-time unique link.

There’s no need whatsoever to register or login to a separate secure portal.

As you can imagine, a lot of the companies we work with apply this level of access to their most trusted recipients, key customers, and critical partners. The ease with which their guest recipients can access sensitive email content removes the friction associated with security-overload and, of course, makes the organisation look great in the process.

What’s more; their data is still protected with government and industry accredited encryption!

You’re happy that the technology is working, your customers are happy that their data is safe and easy to access, and the folks in Sales & Marketing are happy too.

Flexibility is key with authentication

If you’re reading this and thinking: “Sounds great in theory, but I want our encrypted emails to feel more secure than that,” then don’t worry.

When it comes to email encryption, we believe flexibility is key.

If you want to avoid recipient pushback from key external parties who see encryption as disruptive and a pain, then one-click access is there for you. However, should you want to keep some of the steps associated with encryption, there are other options as well:

  1. Egress ID: This is the traditional means of authentication. Recipients can sign up and log into a secure web portal in order to read, reply to, and compose encrypted emails as a means of communicating with you.
  1. Shared secrets: This is where the user would send a single password-protected email and the recipient would need a unique identifier known only to them and the sender. As an example, this form of authentication can be useful with charity groups who, sadly, must email information to victims of domestic abuse on a joint account, without the offender knowing or gaining access.

Email security as a competitive weapon

With flexible options available, you can apply the level of authentication necessary for your recipients. This means you always keep sensitive data safe – while enhancing the user experience associated with your brand in the process.

And when you can do that, it’s yet another example of email security becoming a bona fide competitive weapon for your business.

Think about all the businesses I meet who complain about their encryption and authentication pain. Take that away and you can differentiate your organisation in the market, protecting commercial relationships and revenues.

Interested in learning more? You can find out everything you need to know about our secure encryption software, Egress Protect, here. Or if you’d like to see it in action, we’d be more than happy to set you up with a no-strings-attached demo.