Posts Tagged :

Email Encryption

Row of locks with a large red lock in the center
5 Signs Your Self-Service Portal Needs a Secure Message Center 600 237 Christian Grunkemeyer

5 Signs Your Self-Service Portal Needs a Secure Message Center

5 Signs your self-service portal needs a Secure Message Center

  1. You are a financial services, insurance or healthcare company
  2. You have a self-service portal or app
  3. Your customers want to use email and share documents and secure messages electronically
  4. Your employees need to manage inquiries from a single desktop
  5. Security and privacy regulations require it

You are a financial services, insurance or healthcare company

Exchanging sensitive, regulated information with your customers is required to resolve many contact center inquiries and cases. Whether it’s answering sensitive questions, exchanging completed forms, supplying supporting documentation or exchanging a medical record – to resolve customer issues, you need to accelerate and track actionable communications supported by documents that may contain PII and or PHI. And that must be done in compliance with privacy and security regulations.

You have a self-service portal or app

You already provide customers a secure, self-service portal  or mobile application which gives them access to a wide range of information and services they can utilize to get more value from their relationship with you. That’s excellent – but when they get stuck and need to contact support – what options do you offer to secure message, email or share documents necessary for a streamlined resolution? If you limit their choice to out-of-band options (call us, fax us or send us a letter), or if you put restrictions on what they can discuss or share (“email us – but no sensitive info please”) – your CX score will suffer. A recent report by IDC indicates that companies growing at high rates are focused on digital transformation and customer experience – so this REALLY MATTERS to your top and bottom lines.

Your customers are asking for it

Customers want to engage your organization using smartphones, tablets, and laptops – online and through your secure self-service contact center or mobile application. They want to use secure messaging, email, file sharing – and they need to trust you when asking financial or health questions, and when they are sharing their private information and documents. They don’t want to use yesteryear’s technologies – fax, stamps, FedEx or in-person delivery. They would prefer not to call your support number and wait in queue on hold. They want you to make it easy to process their requests and meet their needs thru safe, digital transactions.

Your employees need it

Productive employees are happy employees. Happy employees make happier customers. Happier customers do more business. It’s a virtuous cycle. If you limit the ways your employees can communicate and resolve customer issues – less of those things happen. Customers are disappointed with communication and info exchange options, employees are often left waiting on slower delivery processes, are transcribing information, or working in multiple systems to cobble together a resolution (or get a complete customer history view). If you light up an integrated secure message channel with document sharing capabilities in their contact center desktop – it makes their job less cumbersome – so productivity, happiness and growth can thrive. The virtuous cycle of business life. The wheel of good fortune. (There may just be an Elton John / Disney song in there somewhere….)

Security and privacy regulations require it

And…. that’s the sticky wicket. HIPAA, GLBA, PCI-DSS, HITECH, DPA, GDPR – all there for the right reasons – protecting your customers sensitive information is your obligation – but it sure adds a lot of friction to digitizing your business processes.

And that’s where a Secure Message Center delivers its fundamental value. It allows you to get all the benefits of integrated messaging channels such as tracked email with file attachments, webforms, eforms, native webmail interfaces – with contact center integration. It enables – an efficient flow of inquiry and resolution that moves your business forward, all while providing the trusted security and verifiable compliance your organization needs, and your customers expect.

So what is a Secure Message Center and how easily can it drop into your current ecosystem to light up a secure messaging, email and file sharing channel in your contact center? Happily, there’s no ocean to boil. Learn more about it here, or contact us with your situation – we exist to make implementing this light work for you, and the contact center experience better for your customers.

Learn more about the Secure Message Center
Learn More
Map with hologram of lines and numbers above it
What is DKIM for DataMotion SecureMail? 768 303 Alex Mushkin

What is DKIM for DataMotion SecureMail?

As of November 13, 2019, DataMotion SecureMail and SecureMail Gateway support DKIM so outgoing email messages sent via SMTP are delivered to intended recipients and not rejected or quarantined by anti-spam and anti-spoofing protection measures deployed on recipients’ mail servers. SPF and DMARC are also supported, and defined below.

DKIM, or ‘DomainKeys Identified Mail’ is an internet standard email authentication method designed to combat email spoofing. It allows receiving SMTP servers to check whether an email which came from a specific domain (@xyz.com) was in fact authorized by the owner of that domain. DKIM involves signing each outgoing email message with a private key linked to the sender’s domain name. The recipient system verifies the digital signature by looking up the associated public key published in DNS. Put simply, the DKIM signer uses the private key and the DKIM verifier uses the corresponding public key.  In order for it to work, the sending SMTP servers must insert DKIM-Signature email header fields on outgoing email messages. The owner of the sending domain must also create a DKIMDNS TXT public record.

As stated in the IETF (Internet Engineering Task Force) RFC 6376:

“DomainKeys Identified Mail (DKIM) permits a person, role, or organization that owns the signing domain to claim some responsibility for a message by associating the domain with the message. This can be an author’s organization, an operational relay, or one of their agents. DKIM separates the question of the identity of the Signer of the message from the purported author of the message. Assertion of responsibility is validated through a cryptographic signature and by querying the Signer’s domain directly to retrieve the appropriate public key. Message transit from author to recipient is through relays that typically make no substantive change to the message content and thus preserve the DKIM signature.”

SPF is an email authentication method which is also supported, to combat email spoofing. It allows receiving SMTP servers to check whether an email which came from a specific domain was in fact from an IP address authorized by the owner of that domain. The owner of the domain must create an SPF DNS TXT record. The sending SMTP servers do not need to do additional work for SPF.

DMARC is an email authentication protocol (set of rules) to combat email spoofing, also supported by SecureMail. It allows receiving SMTP servers to authenticate based upon instructions published by the owner of a specific domain. The owner of the domain must create a DMARC DNS TXT record which specifies which email authentication methods (DKIM, SPF, or both) are supported for that domain. The sending SMTP servers do not need to do additional work for DMARC.

For information on enabling DKIM, SPF and /or DMARC, please visit our knowledge base, or contact support.

Learn More about the DataMotion secure mailbox
Learn More
Blue and purple burst with code in the center
3 Things to Look for When Selecting Email Encryption APIs 600 237 Alex Mushkin

3 Things to Look for When Selecting Email Encryption APIs

If your business process and workflow applications handle sensitive data or are in industries subject to privacy laws and regulations, adding encrypted email functionality can give you an edge. By incorporating secure email technology, you can reduce the risks associated with data theft, accidental exposure and regulatory compliance audits. An easy and fast way to add this functionality is to leverage email encryption application programming interfaces (APIs).

Application programming interfaces, or APIs, can be a blessing – or a nightmare. Use the right one and your application just expanded its reach and functionality, adding to your bottom line.  Use the wrong one, and you’ll be in development for perpetuity – or worse.

Here are three things to look for when selecting email encryption APIs for securely moving data:

1. API depth and breadth. Depth and breadth give you control over more aspects of how the API works with your app. Look for multiple types of APIs and, ones that can operate at multiple levels including:

    • Secure Messaging APIs. These are the APIs that send and retrieve data, usually by leveraging a standard email address or an internal one derived from a user’s account number. Look for APIs that can handle multiple types of data, including encrypted email, files and form data.
    • Administrative APIs. Capabilities to look for here include things like password reset, managing users and their account settings, and integrating with Single Sign-On (SSO).
    • Provisioning APIs. When the use of your application takes off and grows, so must your API. Look for the ability to programmatically provision service and on-board new users.
Check out our API developer site CTA

2. Full support from the API provider. In addition to standard consulting and ongoing technical guidance, look for:

    • Software Development Kits (SDK) with multiple language support, including C#, VB.Net, Java and PHP, along with SOAP and REST protocols.
    • Technical reference guides that accurately document each API function and data structure. Sloppy documentation could indicate subpar operations.
    • Demos for each supported programming language, including working sample applications with documented source code that demonstrates the implementation.

3. Pre-production sandbox environment. A full service, fully contained, pre-production environment allows you to quickly and safely create, test and preview your application.

Look for these three things and you’ll be well on your way to a successful API integration.

Ready for a Free API Trial?

Free Trial
Green lock with lines moving out of it
Email Encryption As a Solution or A Feature? 600 237 Bob Janacek

Email Encryption As a Solution or A Feature?

Technology products often evolve over time from standalone solutions to integrated features. This can take years, or even decades to occur, depending on the sophistication of the solution, and how easily it fits into an existing application to add value in a broad set of use cases.

The most obvious examples are on the smartphone where we have long ago (in tech years) absorbed our digital cameras and GPS devices, and perhaps more subtly, photo editing software and directory services.

Email Encryption – from product to feature

Email encryption has been an adjunct service and solution that overlays and complements most email services and UIs, Microsoft Exchange and Outlook as prime examples. Virtually all email encryption solutions work with the Microsoft email server and client, even as it migrated to the cloud as part of Office 365. Microsoft introduced its own email encryption solution, Office Message Encryption, as an option and integrated feature of Office 365 in 2014. It has been improved since introduction, and while it still has some limitations (link to Osterman webinar), for many users that need an ad hoc solution for HR and legal departments – it is quite sufficient, and eliminates the need for a specialty vendor (DataMotion included). While it’s not without cost, it is appealing to organizations seeking to reduce the number of 3rdparty solutions and vendors in their IT mix.

Also, in the cloud email service provider space, Gmail has implemented a widely enabled encryption technique as a default (TLS), and in so doing, provides opportunistic security for all email traffic originating from their service. While it doesn’t assure compliance, it does take a significant step towards ‘email encryption as a standard feature’ vs an overlaid 3rd party solution.

Email Encryption as a feature – benefit

As noted – most email encryption solutions already integrated very well with Outlook and Exchange, which in effect make them a plug-in toolbar button feature of Outlook, invoked with a click. So it has already been reduced to a feature of email in this way for most ad hoc, desktop requirements. Yet, the use of email for messaging and file exchange is not always a desktop ad hoc function.

Email Encryption, CRM, Contact Centers and Mobile Apps

In fact – where it matters most – in high volume business processes handling regulated information, Outlook (or any webmail interface for that matter), is not the best place to send and receive messages and files. CRMs, contact centers, practice management software, electronic health record systems, and custom database applications are the applications that often house the data and track the interactions with customers, partners (or patients). Shouldn’t email encryption be a standard feature of those solutions? And for situations where the customer, client or patient need to initiate an inquiry – shouldn’t a secure email channel be a feature easily accessible to them too through customer facing interfaces and apps such as websites, portals and mobile apps?

Enter the EMAIL ENCRYPTION API

While email encryption vendors can extend the existing Outlook style ‘plug-in’ model of creating applets to expose their email encryption service as a ‘toolbar button’ in popular CRM UI’s (Salesforce for instance) – this approach doesn’t scale well, and doesn’t always accommodate the use case at hand, or fit into customer facing services such as self-service portals or mobile apps. In these cases, a native solution is best, using web service email encryption APIs to provide secure messaging, file and form exchange to support high volume applications with trusted security and verifiable compliance.

This application of email encryption APIs lends itself best to healthcare, financial services, insurance and government applications, at enterprise scale. These organizations are best positioned to migrate off standalone email encryption solutions, and leverage the benefits of email encryption as a feature thru the use of APIs.

Email Encryption APIs for Mid-Market Solution Providers

While enterprise class organizations have the resources and transaction volumes to leverage APIs for integrating email encryption as a feature into their workflow process and enterprise apps, broader market benefits are derived from integration with platforms that provide core utility in the healthcare, insurance, financial services and government sectors. Digital banking platforms, digital insurance platforms, electronic health record systems, chronic care management systems, practice management systems – all can benefit from a robust secure messaging and file exchange feature – and email encryption APIs deliver both a ubiquitous method of sending and receiving messages (and files) as a toolbar feature of the application’s UI.

Email Encryption APIs: innovation and disruption

Viewed thru this lens – the email encryption API is both an innovation and a disruption to the existing email encryption product status quo. There are dozens of companies offering email encryption as a subscription service, with very little differentiation, and frankly – very little end user love. Most email encryption solutions are burdened with cumbersome, multi-step processes either for the recipient, the sender, or both. It is a mature solution – most organizations that need it have a subscription (SaaS). It is a software solution that is ripe for disruption, and ready to be consumed as a feature instead of a separate product. Email encryption APIs can deliver that disruption – and yield a better tool for moving sensitive business communications and processes forward.

Are our APIs right for your email encryption solution?

Try them out with our free trial.

Free Trial
Graphic of person working on a computer with a headset on
Webinar: Cybersecurity Issues Plague Customer Engagement 768 305 Monica Hutton

Webinar: Cybersecurity Issues Plague Customer Engagement

Survey reveals online communications between customers and employees hampered by security and compliance at financial services and insurance companies.

FLORHAM PARK, N.J. – October 23, 2019 – DataMotion™, a leading provider of secure data exchange solutions, today announced a webinar in conjunction with Gatepoint Research entitled “2019 Survey Results: Cybersecurity Issues Plague Customer Engagement” The webinar will be presented on Thursday October 24, 2019, at 2 pm Eastern. It will feature Doug Barth, CEO of Gatepoint Research, and Christian Grunkemeyer, Director of Sales, DataMotion. The survey revealed that improving customer experience is a priority and that the ability to exchange confidential documents and forms electronically is often limited, or forces customers back to paper, postal mail and fax. This and other key findings will be presented during the webinar.

“Customer experience improvement as a priority continues to grow across all industries, but has become particularly relevant for the financial services and insurance industries. Understanding the scope of what is needed to deliver a truly exceptional customer experience is critical to making it actually happen,” said Barth. “Now more than ever, it is vital that these organizations provide the digital communication tools necessary to give their customers what they are looking for quickly and efficiently. The research shows that customer experience improvement is top of mind for these organizations and is a top priority for 2019.”

The informative webinar will review highlights from the recently published 2019 Pulse Report on customer engagement trends including:

  • Customer engagement communications methods
  • Top customer engagement priorities for 2019
  • The “wish list” for engaging customers and recommended actions

“The study shows that while there is progress being made towards a 360-degree omnichannel, there are opportunities for organizations to be more competitive here, particularly around secure channels of communications through self-service portals,” said Grunkemeyer. “Data security and privacy concerns can make it difficult to integrate these systems to one place, such as a full-service customer portal. Organizations that can find ways to integrate these kinds of communications have an opportunity to provide a service that many competitors do not – giving them a leg up in the market”

Attendees may register for the webinar by clicking here.

For more information on DataMotion solutions for, please visit https://datamotion.com.

About DataMotion

Since 1999, DataMotion secure data exchange technology has enabled organizations of all sizes to reduce the cost and complexity of delivering electronic information to employees, customers and partners in a secure and compliant way. Ideal for highly regulated industries, the DataMotion portfolio offers easy-to-use, CX friendly, encryption solutions for emailfile transferforms processing and customer-initiated contact. In the healthcare sector, DataMotion is an accredited HISP (health information service provider), Certificate Authority (CA) and Registration Authority (RA) of Direct Secure Messaging. The DataMotion Direct service enables efficient interoperability and sharing of a person’s data across the continuum of care and their broader lives. DataMotion is privately held and based in Florham Park, N.J. For the latest news and updates, visit https://datamotion.com, follow DataMotion on LinkedIn or Twitter® @datamotion. 

# # #

Media Contacts:

Monica Hutton

DataMotion

(973) 455-1245 x510

monicah@datamotion.com