SendItSecure Whitepaper
Content
SendItSecure™ E-mail Encryption
Highly Secure E-mail:
Exchanging Confidential Information through E-mail
» Why ordinary e-mail is not secure » Using biometrics to achieve e-mail security
Highly Secure E-mail:
2
Exchanging confidential information through e-mail
Contents
Introduction ................................................................................2 Government Mandates to Protect Data .................................................3 Why E-mail is Not Secure .................................................................4 Perimeter-Based E-mail Encryption .....................................................5 End-to-End E-mail Encryption ............................................................5 A Case for Biometrics .....................................................................6 Using SendItSecure for E-mail Encryption ..............................................8 Using SendItSecure to Communicate with Non-Subscribers .........................9 Using SendItSecure to Securely Transmit Large Files............................... 10 Conclusion ................................................................................ 11
Introduction
There is no doubt that e-mail has become a priceless and universal tool for businesses and individuals. You can instantly send a message to any number of people at virtually no cost. You have a permanent record of electronic
correspondence. These benefits have quickly made e-mail an effective tool for people to communicate. Unfortunately, e-mail is not secure. Yet, sensitive and confidential information is frequently transmitted in an unsecure state, making e-mail messages vulnerable to being read by unauthorized persons. If we cannot use e-mail to exchange the confidential information we work with everyday, what are we to do?
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
3
Exchanging confidential information through e-mail
The solution is secure e-mail. A secure e-mail system provides two important things: 1) The messages you send through e-mail are encrypted, and 2) the identities of users who send and receive messages are authenticated, or verified. Secure e-mail also ensures that the contents of your messages are genuine and have not been modified in transit. Since the users are
authenticated, someone cannot forge an e-mail message by pretending to be someone he or she is not. Finally, secure e-mail makes sure that only the people you send a message to can open that message. Many people believe that secure e-mail is complex and expensive. While the amount of information available regarding secure e-mail can be daunting, it can be quite simple and very cost-effective to implement. This whitepaper will describe the various ways to protect e-mail messages and how to simplify and improve the process.
Government Mandates to Protect Data
Organizations such as health care providers, financial institutions, and publicly traded companies are required by HIPAA, GLBA, Sarbanes-Oxley, and other regulations to protect their data. Organizations failing to comply with these mandates can be fined or otherwise penalized. Not only that, if a data breach does occur, these organizations may be required to notify their customers or clients that their private information has been compromised. According to the Privacy Rights Clearinghouse, more than 200 million records containing
Table 1 – Various Privacy Regulations
HIPAA (Health Insurance Portability and Accountability Act) requires health care providers to protect private health information. GLBA (Gramm-Leach-Bliley Act) mandates that financial institutions protect their customers’ private information. SOX (Sarbanes-Oxley) forces publically traded companies to protect financial information and prevent alterations to financial statements.
sensitive information have been involved in
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
4
Exchanging confidential information through e-mail
security breaches since 20051. These security breaches are embarrassing to the organizations involved and cause an unnecessary financial liability.
Why E-mail is Not Secure
Sending an ordinary e-mail message is much like sending a postcard. Just as any carrier delivering a postcard can see what was written, any person on one of the networks carrying an e-mail can see its contents. No one would put private data such as a social security number, bank account information, or medical records on a postcard. information in an unsecured e-mail. This is because ordinary e-mails are sent “clear-text,” meaning that the contents are transmitted over the Internet without being hidden or scrambled, or encrypted, in any way. Think of being in a room with several conversations happening at the same time. It is easy for someone to listen in on a Similarly, no one should put confidential
conversation if everyone is talking in plain English. Another downfall of ordinary e-mail is the lack of user authentication. Authentication simply means proving who one is. A computer user could easily pretend to be someone else―one of you partners, for example―and send you an e-mail. If it is a standard e-mail message, you have no way of knowing if the message is authentic, forged, or altered, no matter how official-looking it may be. This also leads to the fact that anyone gaining access to your computer or email inbox can read your messages. Again, the inability of users to prove who they are makes ordinary e-mail unsecure and less useful, potentially putting sensitive information at risk.
1
http://www.privacyrights.org/ar/ChronDataBreaches.htm, Accessed March 6, 2008
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
5
Exchanging confidential information through e-mail
Still, as many as 55% of employees report using an unsecure medium to transmit proprietary information2. This is simply unacceptable.
Perimeter-Based E-mail Encryption
To protect the confidential information in e-mail, some solutions encrypt messages as they leave the organization’s network and decrypt messages as they come in. This is achieved by placing a server (software or hardware)
between the organization’s internal network and the external Internet. E-mail sent within the organization stays unencrypted while e-mail sent to outside partners or clients is encrypted based on some predetermined policies. Although these systems can be set up and deployed with relative ease, they still lack high security. Users are not authenticated individually, thus
unauthorized users could gain access to the confidential information in your inbox and sent messages folders. Also, the messages do not remain encrypted all the way from the sender’s desktop to the receiver’s, leaving them vulnerable to interception or network eavesdropping.
End-to-End E-mail Encryption
Additional security can be provided by keeping e-mail messages encrypted during their entire traversal through the Internet. By using end-to-end
encryption, users are authenticated individually, so you know for sure (to a point) who sent the e-mail in question and who can read the e-mails you send. However, many end-to-end e-mail encryption solutions do not use strong authentication and instead use digital certificates or passphrases.
2
http://www.microsoft.com/presspass/press/2007/oct07/10-25SecureCollaborationPR.mspx, Accessed March 6, 2008
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
6
Exchanging confidential information through e-mail
A digital certificate is basically a file on a computer that contains basic personal information and an encryption key. By using a digital certificate, email messages are encrypted using a different key for each user. Each person with whom you correspond has a different certificate, making them difficult to manage. Other systems use passphrases to authenticate users. These passphrases can be used in one of two ways. The first is to simply let the user prove who they are by providing the correct passphrase when needed. Another method is to use the passphrase as the encryption key. The sender encrypts the message with a word or phrase, and the receiver must provide the same word or phrase to decrypt the message. The sender must communicate this “shared secret” with the receiver through some other mechanism, such as a telephone call. To make passphrases and passwords more secure and harder to guess, organizations often require them to meet certain complexity criteria. Since these passphrases are hard to remember, a user may write them on a piece of paper taped to the side of his or her monitor, making this form of authentication and encryption ineffective. The strength of end-to-end e-mail encryption systems depends largely on the strength of authentication used. Neither digital certificates nor passphrases provide strong authentication and should not be used as the sole means of securing confidential information.
A Case for Biometrics
There are three basic classes, or factors, of user authentication: something you have, something you know, and something you are. The secure e-mail systems mentioned above use only the two lowest factors of security: something you have (usually a digital certificate) and something you know (such as a
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
7
Exchanging confidential information through e-mail
passphrase).
While these systems are useful in some situations, using
something you are (like your unique fingerprint) can greatly increase the security of your messaging solution. The third and most secure factor for authentication (something you are) is biometrics. The word “biometrics” literally means “the measurement of life.” When applied to identifying or authenticating a person, biometrics means measuring some physical or biological attribute that is unique to each human being. While some biometric techniques―such as DNA analysis or retina scans―can be costly and impractical, other methods―such as fingerprint verification―are easy to use, cost-effective, and very secure. Fingerprint biometrics provides the best cost-to-accuracy benefit ratio. Your fingerprint is completely unique. It cannot be stolen by another individual, cannot be forgotten, and cannot be changed. This unique attribute can be used to absolutely identify you from anyone else in the world. To identify a user using fingerprint biometrics, he or she only needs to scan his or her fingerprint on an electronic fingerprint reader which takes only a short moment. Fingerprint biometrics is also very reliable. Modern fingerprint comparison
algorithms have extremely low false-accept and false-reject rates. A low falseaccept rate means that the probability of accepting a fingerprint as a match when it should not have is very unlikely. On the other side, having a low falsereject rate means that the system will not likely reject a match when it should have accepted it, making it more user-friendly. In addition to the high performance of modern fingerprint technologies, electronic fingerprint scanners are also very affordable. A high-quality
fingerprint reader can be acquired for less than the price of a digital webcam.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
8
Exchanging confidential information through e-mail
Using SendItSecure for E-mail Encryption
The SafeLive SendItSecure system is an end-to-end e-mail encryption system that uses fingerprint biometrics to authenticate its users. A message stays
encrypted from the time it leaves the sender’s desktop until the recipient opens it. The identity of each user is verified using fingerprint biometrics
before being allowed to send or open any message giving the system a very high degree of security. The core of the SendItSecure system is the central authentication server. This secure web server is responsible for positively identifying each user by his or her fingerprint before any e-mail It also
transaction can take place.
manages the encryption keys for each message. When a user wishes to send a secure message, he or she simply composes the message using Microsoft Outlook or the
Figure 1 - Overview of SendItSecure Architecture
SendItSecure stand-alone client with a
familiar-looking interface.
When the ‘Send’ button is clicked, the user is
prompted to scan his or her fingerprint. This fingerprint is then submitted to the central authentication server and verified. If the fingerprint matches the one the user supplied when first enrolling, the transaction continues and the SendItSecure software encrypts the message (including any attachments) using an advanced encryption algorithm. It is then delivered to each recipient using the existing e-mail infrastructure (Figure 1, steps 1-4). The message is not stored on or transmitted through the SendItSecure server under normal circumstances.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
9
Exchanging confidential information through e-mail
When a receiving user opens the message, he or she must also provide a live fingerprint scan. This scan is verified using the central authentication server in the same fashion as previously described. If the receiver is successfully
authenticated and authorized, the message can be decrypted on his or her computer (Figure 1, steps 5-6). As soon as the receiver closes the message, the unencrypted contents are completely erased, making it impossible for someone to read the e-mail at a later date without re-authenticating. Using SendItSecure takes little effort on part of the user and the benefits of truly securing your confidential
information far outweigh the small amount of time needed to scan a fingerprint. takes only Installing the software a few moments and
enrolling the fingerprints is a simple task that can be performed by the users, usually without the help of IT staff.
Figure 2 - User Being Prompted for Fingerprint Scan
Using SendItSecure to Communicate with Non-Subscribers
“How can I securely communicate with those who do not have fingerprint readers or are not in the SendItSecure system?” This is easily done using
Secure Message Pickup. When a SendItSecure user sends a secure message to someone who is not in the system, the message is stored on the secure server in its encrypted state and using industry-standard SSL connections. The nonSendItSecure recipient is then notified via a standard e-mail that there is a secure message waiting for him or her, along with a link to it. When the user clicks the link, he or she is brought to the secure message pickup site where the user can view the message, download any attachments, and reply.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
10
Exchanging confidential information through e-mail
To authenticate these “message pickup” users, the sender can choose a secret question that the recipient must answer correctly to gain access. These
questions are determined by each organization’s administrator and the expected answers should be something that only the sender and recipient will know. For a healthcare clinic, one question could be something like “What are the last six digits of your health insurance policy number?” Other institutions may have a completely different set of questions. Once a message pickup user authenticates for the first time, he or she creates a password that is used for receiving future secure messages. This password can be changed at any time and is now only known by that user. This message pickup mechanism uses only a passphrase for authentication, potentially reducing the security of messages sent using it. However, there are many instances where this is necessary so care should be taken when using it.
Using SendItSecure to Securely Transmit Large Files
Traditional e-mail systems do not handle large files easily. Many e-mail
providers limit the size of file attachments to 20 MB, 10 MB, or even down to 1 or 2 MB. SendItSecure provides an alternate method to deliver large files by transmitting the encrypted large file data through the SendItSecure server, instead of through standard e-mail. To the users, it looks and acts just like a regular e-mail attachment except that they can attach files of any size, even into the gigabytes. This is particularly useful and convenient when sending medical records, technical designs, and other common business documents. You can confidently send and receive files of any size using this highly secure medium.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
11
Exchanging confidential information through e-mail
Conclusion
E-mail is a tremendously useful and valuable means of communication. This convenience has caused businesses and organizations to depend on it for dayto-day, mission-critical operations. Unfortunately, the inherent security risks when transmitting sensitive and confidential information through e-mail limit its usefulness. This private information needs to be protected using the
easiest, most secure, and most cost-effective method possible. SendItSecure, by SafeLive Corporation, achieves these security requirements by employing accurate, simple-to-use fingerprint biometrics and advanced encryption algorithms. Adding this additional security will reduce the risk of a data breach that could result in an avoidable cost to your organization. Using SendItSecure will ensure that the data you transmit through e-mail remains private and secure, without introducing the burden or expense of complex infrastructures. For more information on securing your organization’s e-mail, please contact us at: Tel: (715) 246-5808 Toll-free: (800) 642-5808 Web: http://www.SafeLive.com E-mail: [email protected]
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
Exchanging Confidential Information through E-mail
» Why ordinary e-mail is not secure » Using biometrics to achieve e-mail security
Highly Secure E-mail:
2
Exchanging confidential information through e-mail
Contents
Introduction ................................................................................2 Government Mandates to Protect Data .................................................3 Why E-mail is Not Secure .................................................................4 Perimeter-Based E-mail Encryption .....................................................5 End-to-End E-mail Encryption ............................................................5 A Case for Biometrics .....................................................................6 Using SendItSecure for E-mail Encryption ..............................................8 Using SendItSecure to Communicate with Non-Subscribers .........................9 Using SendItSecure to Securely Transmit Large Files............................... 10 Conclusion ................................................................................ 11
Introduction
There is no doubt that e-mail has become a priceless and universal tool for businesses and individuals. You can instantly send a message to any number of people at virtually no cost. You have a permanent record of electronic
correspondence. These benefits have quickly made e-mail an effective tool for people to communicate. Unfortunately, e-mail is not secure. Yet, sensitive and confidential information is frequently transmitted in an unsecure state, making e-mail messages vulnerable to being read by unauthorized persons. If we cannot use e-mail to exchange the confidential information we work with everyday, what are we to do?
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
3
Exchanging confidential information through e-mail
The solution is secure e-mail. A secure e-mail system provides two important things: 1) The messages you send through e-mail are encrypted, and 2) the identities of users who send and receive messages are authenticated, or verified. Secure e-mail also ensures that the contents of your messages are genuine and have not been modified in transit. Since the users are
authenticated, someone cannot forge an e-mail message by pretending to be someone he or she is not. Finally, secure e-mail makes sure that only the people you send a message to can open that message. Many people believe that secure e-mail is complex and expensive. While the amount of information available regarding secure e-mail can be daunting, it can be quite simple and very cost-effective to implement. This whitepaper will describe the various ways to protect e-mail messages and how to simplify and improve the process.
Government Mandates to Protect Data
Organizations such as health care providers, financial institutions, and publicly traded companies are required by HIPAA, GLBA, Sarbanes-Oxley, and other regulations to protect their data. Organizations failing to comply with these mandates can be fined or otherwise penalized. Not only that, if a data breach does occur, these organizations may be required to notify their customers or clients that their private information has been compromised. According to the Privacy Rights Clearinghouse, more than 200 million records containing
Table 1 – Various Privacy Regulations
HIPAA (Health Insurance Portability and Accountability Act) requires health care providers to protect private health information. GLBA (Gramm-Leach-Bliley Act) mandates that financial institutions protect their customers’ private information. SOX (Sarbanes-Oxley) forces publically traded companies to protect financial information and prevent alterations to financial statements.
sensitive information have been involved in
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
4
Exchanging confidential information through e-mail
security breaches since 20051. These security breaches are embarrassing to the organizations involved and cause an unnecessary financial liability.
Why E-mail is Not Secure
Sending an ordinary e-mail message is much like sending a postcard. Just as any carrier delivering a postcard can see what was written, any person on one of the networks carrying an e-mail can see its contents. No one would put private data such as a social security number, bank account information, or medical records on a postcard. information in an unsecured e-mail. This is because ordinary e-mails are sent “clear-text,” meaning that the contents are transmitted over the Internet without being hidden or scrambled, or encrypted, in any way. Think of being in a room with several conversations happening at the same time. It is easy for someone to listen in on a Similarly, no one should put confidential
conversation if everyone is talking in plain English. Another downfall of ordinary e-mail is the lack of user authentication. Authentication simply means proving who one is. A computer user could easily pretend to be someone else―one of you partners, for example―and send you an e-mail. If it is a standard e-mail message, you have no way of knowing if the message is authentic, forged, or altered, no matter how official-looking it may be. This also leads to the fact that anyone gaining access to your computer or email inbox can read your messages. Again, the inability of users to prove who they are makes ordinary e-mail unsecure and less useful, potentially putting sensitive information at risk.
1
http://www.privacyrights.org/ar/ChronDataBreaches.htm, Accessed March 6, 2008
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
5
Exchanging confidential information through e-mail
Still, as many as 55% of employees report using an unsecure medium to transmit proprietary information2. This is simply unacceptable.
Perimeter-Based E-mail Encryption
To protect the confidential information in e-mail, some solutions encrypt messages as they leave the organization’s network and decrypt messages as they come in. This is achieved by placing a server (software or hardware)
between the organization’s internal network and the external Internet. E-mail sent within the organization stays unencrypted while e-mail sent to outside partners or clients is encrypted based on some predetermined policies. Although these systems can be set up and deployed with relative ease, they still lack high security. Users are not authenticated individually, thus
unauthorized users could gain access to the confidential information in your inbox and sent messages folders. Also, the messages do not remain encrypted all the way from the sender’s desktop to the receiver’s, leaving them vulnerable to interception or network eavesdropping.
End-to-End E-mail Encryption
Additional security can be provided by keeping e-mail messages encrypted during their entire traversal through the Internet. By using end-to-end
encryption, users are authenticated individually, so you know for sure (to a point) who sent the e-mail in question and who can read the e-mails you send. However, many end-to-end e-mail encryption solutions do not use strong authentication and instead use digital certificates or passphrases.
2
http://www.microsoft.com/presspass/press/2007/oct07/10-25SecureCollaborationPR.mspx, Accessed March 6, 2008
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
6
Exchanging confidential information through e-mail
A digital certificate is basically a file on a computer that contains basic personal information and an encryption key. By using a digital certificate, email messages are encrypted using a different key for each user. Each person with whom you correspond has a different certificate, making them difficult to manage. Other systems use passphrases to authenticate users. These passphrases can be used in one of two ways. The first is to simply let the user prove who they are by providing the correct passphrase when needed. Another method is to use the passphrase as the encryption key. The sender encrypts the message with a word or phrase, and the receiver must provide the same word or phrase to decrypt the message. The sender must communicate this “shared secret” with the receiver through some other mechanism, such as a telephone call. To make passphrases and passwords more secure and harder to guess, organizations often require them to meet certain complexity criteria. Since these passphrases are hard to remember, a user may write them on a piece of paper taped to the side of his or her monitor, making this form of authentication and encryption ineffective. The strength of end-to-end e-mail encryption systems depends largely on the strength of authentication used. Neither digital certificates nor passphrases provide strong authentication and should not be used as the sole means of securing confidential information.
A Case for Biometrics
There are three basic classes, or factors, of user authentication: something you have, something you know, and something you are. The secure e-mail systems mentioned above use only the two lowest factors of security: something you have (usually a digital certificate) and something you know (such as a
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
7
Exchanging confidential information through e-mail
passphrase).
While these systems are useful in some situations, using
something you are (like your unique fingerprint) can greatly increase the security of your messaging solution. The third and most secure factor for authentication (something you are) is biometrics. The word “biometrics” literally means “the measurement of life.” When applied to identifying or authenticating a person, biometrics means measuring some physical or biological attribute that is unique to each human being. While some biometric techniques―such as DNA analysis or retina scans―can be costly and impractical, other methods―such as fingerprint verification―are easy to use, cost-effective, and very secure. Fingerprint biometrics provides the best cost-to-accuracy benefit ratio. Your fingerprint is completely unique. It cannot be stolen by another individual, cannot be forgotten, and cannot be changed. This unique attribute can be used to absolutely identify you from anyone else in the world. To identify a user using fingerprint biometrics, he or she only needs to scan his or her fingerprint on an electronic fingerprint reader which takes only a short moment. Fingerprint biometrics is also very reliable. Modern fingerprint comparison
algorithms have extremely low false-accept and false-reject rates. A low falseaccept rate means that the probability of accepting a fingerprint as a match when it should not have is very unlikely. On the other side, having a low falsereject rate means that the system will not likely reject a match when it should have accepted it, making it more user-friendly. In addition to the high performance of modern fingerprint technologies, electronic fingerprint scanners are also very affordable. A high-quality
fingerprint reader can be acquired for less than the price of a digital webcam.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
8
Exchanging confidential information through e-mail
Using SendItSecure for E-mail Encryption
The SafeLive SendItSecure system is an end-to-end e-mail encryption system that uses fingerprint biometrics to authenticate its users. A message stays
encrypted from the time it leaves the sender’s desktop until the recipient opens it. The identity of each user is verified using fingerprint biometrics
before being allowed to send or open any message giving the system a very high degree of security. The core of the SendItSecure system is the central authentication server. This secure web server is responsible for positively identifying each user by his or her fingerprint before any e-mail It also
transaction can take place.
manages the encryption keys for each message. When a user wishes to send a secure message, he or she simply composes the message using Microsoft Outlook or the
Figure 1 - Overview of SendItSecure Architecture
SendItSecure stand-alone client with a
familiar-looking interface.
When the ‘Send’ button is clicked, the user is
prompted to scan his or her fingerprint. This fingerprint is then submitted to the central authentication server and verified. If the fingerprint matches the one the user supplied when first enrolling, the transaction continues and the SendItSecure software encrypts the message (including any attachments) using an advanced encryption algorithm. It is then delivered to each recipient using the existing e-mail infrastructure (Figure 1, steps 1-4). The message is not stored on or transmitted through the SendItSecure server under normal circumstances.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
9
Exchanging confidential information through e-mail
When a receiving user opens the message, he or she must also provide a live fingerprint scan. This scan is verified using the central authentication server in the same fashion as previously described. If the receiver is successfully
authenticated and authorized, the message can be decrypted on his or her computer (Figure 1, steps 5-6). As soon as the receiver closes the message, the unencrypted contents are completely erased, making it impossible for someone to read the e-mail at a later date without re-authenticating. Using SendItSecure takes little effort on part of the user and the benefits of truly securing your confidential
information far outweigh the small amount of time needed to scan a fingerprint. takes only Installing the software a few moments and
enrolling the fingerprints is a simple task that can be performed by the users, usually without the help of IT staff.
Figure 2 - User Being Prompted for Fingerprint Scan
Using SendItSecure to Communicate with Non-Subscribers
“How can I securely communicate with those who do not have fingerprint readers or are not in the SendItSecure system?” This is easily done using
Secure Message Pickup. When a SendItSecure user sends a secure message to someone who is not in the system, the message is stored on the secure server in its encrypted state and using industry-standard SSL connections. The nonSendItSecure recipient is then notified via a standard e-mail that there is a secure message waiting for him or her, along with a link to it. When the user clicks the link, he or she is brought to the secure message pickup site where the user can view the message, download any attachments, and reply.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
10
Exchanging confidential information through e-mail
To authenticate these “message pickup” users, the sender can choose a secret question that the recipient must answer correctly to gain access. These
questions are determined by each organization’s administrator and the expected answers should be something that only the sender and recipient will know. For a healthcare clinic, one question could be something like “What are the last six digits of your health insurance policy number?” Other institutions may have a completely different set of questions. Once a message pickup user authenticates for the first time, he or she creates a password that is used for receiving future secure messages. This password can be changed at any time and is now only known by that user. This message pickup mechanism uses only a passphrase for authentication, potentially reducing the security of messages sent using it. However, there are many instances where this is necessary so care should be taken when using it.
Using SendItSecure to Securely Transmit Large Files
Traditional e-mail systems do not handle large files easily. Many e-mail
providers limit the size of file attachments to 20 MB, 10 MB, or even down to 1 or 2 MB. SendItSecure provides an alternate method to deliver large files by transmitting the encrypted large file data through the SendItSecure server, instead of through standard e-mail. To the users, it looks and acts just like a regular e-mail attachment except that they can attach files of any size, even into the gigabytes. This is particularly useful and convenient when sending medical records, technical designs, and other common business documents. You can confidently send and receive files of any size using this highly secure medium.
Copyright 2008 SafeLive Corporation
Highly Secure E-mail:
11
Exchanging confidential information through e-mail
Conclusion
E-mail is a tremendously useful and valuable means of communication. This convenience has caused businesses and organizations to depend on it for dayto-day, mission-critical operations. Unfortunately, the inherent security risks when transmitting sensitive and confidential information through e-mail limit its usefulness. This private information needs to be protected using the
easiest, most secure, and most cost-effective method possible. SendItSecure, by SafeLive Corporation, achieves these security requirements by employing accurate, simple-to-use fingerprint biometrics and advanced encryption algorithms. Adding this additional security will reduce the risk of a data breach that could result in an avoidable cost to your organization. Using SendItSecure will ensure that the data you transmit through e-mail remains private and secure, without introducing the burden or expense of complex infrastructures. For more information on securing your organization’s e-mail, please contact us at: Tel: (715) 246-5808 Toll-free: (800) 642-5808 Web: http://www.SafeLive.com E-mail: [email protected]
Copyright 2008 SafeLive Corporation
