Egress Senior Product Marketing Manager, Fahim Afghan, tells us more about how to give recipients a secure and enjoyable user experience.
When the topic of encryption comes up, Information Security leaders always seem to roll off the same age-old business concerns: “Encryption gets in our way,” “it’s too clunky,” or (my personal favourite) “our customers hate authenticating every time we send them an encrypted email!”
We hear these complaints a lot, especially the frustrations around recipient authentication. And in fairness, it makes sense: you want to protect highly sensitive information that you’re emailing to critical third parties and customers.
However, you also don’t want your key relationships having to navigate barriers to content every time you email them. It’s a painful experience that people naturally don’t enjoy, ultimately reflecting badly on your brand – and that’s simply not good for business! We completely get that.
A better way to encrypt and authenticate
We’ve delivered encryption for both government agencies and the private sector since 2007. In that time we’ve successfully secured some of the most sensitive information on the planet. So, here’s our take on the matter: it’s key to give your guest recipients secure, but seamless, access to encrypted email content.
Our encryption technology – Egress Protect – works by allowing users to easily apply the appropriate level of security from a fully-customisable drop-down menu that’s baked into Outlook. Depending on the classification they choose, they can set a different authentication requirement for the recipient.
That means if an employee is sharing sensitive email content with a trusted recipient (such as a key customer who they want to keep onside), they can choose our “One Click Access” option. This provides an access code that enables the recipient to seamlessly open the encrypted email without even needing to authenticate.
There’s no ID required and no need to log into a separate portal. Just instant access to encrypted content. Our customers love it as they’re able to work securely while also giving their trading partners a good user experience. It’s giving them faster access to critical content, with all the security intact.
Other authentication options
If the user doesn’t deem “One Click Access” appropriate (perhaps the relationship with the guest recipient doesn’t quite have that level of trust yet), then that’s not a problem. We also offer the safety net of more traditional authentication approaches:
1. Users can send Egress-encrypted emails with a “Shared Secret”, which is essentially a single, password-protected message which asks the guest recipient to enter a password or unique identifier only known to them
2. Alternatively, they can rely on the security and safety of the Egress secure web portal, which obliges external recipients to sign into their complimentary Egress account
If you want your recipients to go through the authentication process every time to reduce any kind of perceived risk, then we can still make that happen. However, if you want to minimise friction and enhance your recipient experience, you can have that in your toolkit too.
The technology is completely flexible – that’s the beauty of it.