Provider > adviser > consumer email will come under threat
Paul Pettitt, managing director of Origo, warns that the industry cannot afford to be complacent about the threat of email hacking
There is a very real threat to the industry from private and confidential information and data being exposed in transit, where it is not protected. It’s an increasingly used analogy but sending an unprotected email through the system is like sending a postcard through the post – the potential is there for someone to read it and if they so chose, to alter it.
Since it is not news that a company may wish to see publicised, understandably there are relatively few reported incidences of email hacking to date. But, as cyber criminals become ever more sophisticated in the ways that they are obtaining and using information to commit fraud, it may be only a matter of time before they systematically attack financial institutions and their partners such as financial advisers, who could be seen as more vulnerable and hence more accessible targets, and data is stolen for fraudulent purposes.
In a recent survey on electronic security among financial services firms, Origo found that while 8 out of 10 large companies exchange sensitive data on a daily basis, over one third (35%) stated that they never secure emails prior to sending.
The fact is, if you systematically use unprotected email to send the types of sensitive data that are routine transmissions between providers, advisers and their clients, there is little doubt that you are taking a risk and opening your business up to potential fines and claims.
Where email is vulnerable
Email is most vulnerable when it leaves one company to go to another or to a consumer. Emails are rarely sent straight from sender to recipient. More often the journey is staged from server to server. Every time the email is held on a server, which could be owned by anyone, there is the potential for it to be accessed.
The only sure way to protect client data from attack in transit is to encrypt it to the highest standard.
Origo has developed an encrypted email solution that’s freely available to financial advisers. It is called Unipass Securemail and has been used to secure millions of emails already, to and from advisers, providers and end consumers.
The system has been developed in collaboration with Trend Micro – one of the largest global internet security companies – and the technology is based on the Advanced Encryption Standard (AES) military-grade security, which encrypts every email using 2256 possible keys. The encryption happens at the touch of a button, which means there is virtually no change to how users send or receive emails – making it very simple to use
It’s easy to become complacent about a problem that seems only to be lurking in the background but no financial services company, whether a provider or an adviser firm, wants to be in the situation where their data has been stolen and they are facing fines and claims against them – the reputational harm and business impact could be seriously damaging. It makes sense, therefore, to build in protection sooner not later.
Read Origo’s white paper The Importance of Securing Email as Critical Best Practice within Financial Services