The Hillary Clinton email controversy is the political story that won't go away. It's like the worst case of spam infestation, a bounce back from the lower regions of the netherworld. Just when you think the scandal has died down, it heats up again.
At issue is whether the former secretary of state and probable presidential candidate used her own email server instead of the government sanctioned (and monitored) server. And, there are a host of ancillary issues. Like any political scandal, it's always a good idea to take stock of how you are operating a small business. Do you let your email run free and wild on Gmail or Yahoo? Have you added encryption to every message that contains financial information and business plans?
To get some perspective, I asked the CEO and founder of the email security firm Virtru to shed some light on why this is such an important topic right now.
What's really the core problem with unprotected email in small business?
We're now waking up to the reality that our email is more like a postcard than a sealed envelope. Without taking due care, our information can easily be exposed. What we've learned over the past year--be it the Sony hacks, or the recent Clinton emails--is that there are inherent vulnerabilities associated with email communication, and an email hack can cause irreparable damages when critical information is released. Once an unencrypted email is out in the wild, no one can control where it travels.
What many small business owners don't consider is that you don't need to be a large enterprise like Sony to be at risk. Small businesses exchange a variety of information over email, such as customer credit card information, social security numbers for freelancers hired to do projects, and more. In not thinking about what's shared over a non-secure network, businesses can expose both themselves and their customers to the damaging effects of a hack.
Many businesses think of encryption as a scary thing, but it isn't any more. There is encrypting technology that simply plugs into your existing email systems like Gmail in a very easy, accessible way. So, for businesses that find the concept of email encryption intimidating--there's no need to anymore.
Why is the Clinton personal email problem a good reminder about what should do to stay protected?
In the past, people and companies have focused security efforts on the networks we read our email on, as well as secure passwords and logins. The problem is, there has been little done to actually secure the messages and attachments themselves. Network security won't help when it comes to hackers uncovering private emails, and the Clinton email situation is a reminder to all of us that what we share over email isn't safe, unless it's encrypted.
Regardless of why Clinton was using her personal email, it's a good reminder that we should take care when we send sensitive information over email--that means encrypting and protecting private information. Many of us share information over email without thinking about security or privacy, but when that information is compromised, it could mean your personal data is exposed. The same goes for small businesses. Not protecting your email means that your information, and your customers'/partners' information, can be compromised.
What can happen to a small business when it doesn't protect email?
If you read the daily news, you know that traditional network security approaches continue to fail us. Just setting up a firewall and hoping for the best means that your email is potentially at risk. This could mean exposing valuable customer information, intellectual property, or financial information. And, if your business is subject to regulations like HIPAA (and whose isn't these days?), you could be subject to hefty fines in the event of a breach. You must secure your information, and that means email.
What are some of the typical ways you can protect email--and what are the common ways that are not that effective?
Sharing sensitive information with customers, partners, vendors, and advisers isn't an option--you have to do it. And you'll probably do that by email--that's the way business communicates. So first and foremost, be careful and thoughtful.
When you send sensitive or confidential information via email, use encryption. It's no longer hard and it doesn't require a PhD in cryptography. At Virtru, we've created an easy-to-use plug-in that works with your existing email service, like Gmail or Outlook. Additionally, Virtru features allow you to recall messages or to keep them in a recipient's inbox for a finite amount of time, reducing many of the risks associated with email communication. The basic Virtru plug-in is free and offers email encryption, while the Pro version offers additional features, such as revoking messages and email expiration dates, for a low cost.
If someone is sending financial data or business plans right now through email, what is the first step to solve the issue?
The first step is to make sure you're sending those important documents via a secure, end-to-end encrypted email service; otherwise, there's no guarantee your information is safe. This is the only way to truly reduce the risk of strange eyes seeing what you don't want them to.
People should also know that they have options--there are now inexpensive, easy ways to encrypt your email, so it's important to remember this is accessible technology that will keep your email safe.