Protecting Your Customer One Encrypted Email at a Time

Protecting Your Customer One Encrypted Email at a Time

One of our Diva Creators is smack in the middle of closing on a house this week. While this is an important step toward personal financial security, this process has uncovered several security flaws that big businesses even make.

As you may or may not know, loan officers and underwriters require a mountain of sensitive paperwork to prove your assets are not obtained through fraudulent activity and to ensure you are not putting your loan qualification at risk through large purchases. And, although it may seem like it, the loan officers and underwriters have not singled you out. You simply aren't the only one being asked for your life story in numbers.

And, although you might feel relatively violated throughout this process, there was one unavoidable truth about the whole matter that blew our minds - all this paperwork is passed through email. Paperwork with your previous addresses, maiden name, account balances, numbers, and social security numbers. And, that is honestly just to name a few of the sensitive documents exchanged through email. If you have any sort of grasp for cyber security you might know that email isnt exactly the most secure form of communication.

In theory, one might argue that you don't HAVE to #email these documents directly to the loan officer. And, you would be right. You don't have to. You COULD drive down to meet your loan officer in person and provide this paperwork in person. But, you haven't avoided anything. In fact, you may have opened yourself up to even more outlets for a breach of your private data. Why? Because, that's how big business works. Email is cheap and quick. So, you hand that paperwork to your loan officer, but they proceed to scan every document (which is now in that machine's memory) and email it to the underwriter. You have done exactly nothing to prevent your information from being routed through email. It happens everywhere. Banks, insurance agencies, and everytime you run your card through a card reader.

If you aren't convinced about the growing need for cyber security, then just look at the news. Between the Sony hacks, the Target hacks, and the hacks into multiple government agencies, you might start to wonder how protected you really are out there. If big government agencies and fortune 500 companies can't protect their client data, how could a small business expect to try? It's a matter of priority. Big business runs on bureaucracy and red tape. If it isn't cheap and fast, it generally isn't worth the effort. That's the sad truth. It's about the bottom line. And, #security at that scale costs money.

But, small business runs on quality. You are in business because you can offer a better niche service or product than big corporations. Your business is fueled by passion. You were driven to provide something that you are proud to deliver. So, don't cut corners on security. Protect yourself and your client. If you deal with payment information or any personal information through email consider using encrypted email. It may not protect your communications from a major government entity or from someone with a lot of time and processing resources, but it will prevent people from hijacking your accounts, changing passwords, logging in as you and stealing information or from looking through other information to concoct a phishing scam against you or your clients.

Note that information security demands work on your part and on your client's part in some cases. But, your customer's will thank you if it is all in an effort to protect their information.

To effectively protect your email, you should encrypt three things:

• The connection from your email provider.
• Your actual messages.
• And, your stored, cached, or archived emails.
• How to encrypt email connections:
• First, you need to set up Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption. This is pretty much the same protection you depend on when checking your bank statements online.

To ensure your SSL/TLS is active, your email web address bar should display https instead of the standard http. You should also see an additional indication such as a notification next to the address bar or a yellow padlock symbol on the status bar at the bottom of the browser window.

For web-based email, if you don't see indicators for SSL/TLS encryption, simply type s after the http portion of the Web address. If the email provider supports this type of encryption, this will generally prompt the program to do what you need.

If you use a desktop email program like Microsoft Outlook or a smartphone/tablet application, encryption may be a bit harder to setup and verify. But, don't let that discourage you from using SSL/TLS encryption. To do so, navigate to the settings menu and look where your account is labeled as a POP/SMTP, IMAP/SMTP, HTTP or Exchange account. Typically in the Advanced settings menu, you should find an option to activate encryption.

Stay tuned for next week's #TechieTipTuesday on how to encrypt email messages and how to encrypt stored messages.

Written by

Sandra Templeton