For many different reasons, customers have asked us if we hold the keys to unlocking their email data. Why?
- Compliance / Emergencies: Customers with compliance needs, such as HIPAA, need to have emergency access to data … and that can mean appealing to LuxSci to access data to which the customer has otherwise lost access. Having the keys in this case, is very important.
- Privacy: On the other end of the spectrum, some customers want to do as much as possible to ensure that no one, not even LuxSci staff, can access their email data.
Both considerations are extremely valid in their own context. The answer is that “it depends”. For security and flexibility, LuxSci presents customers a variety of email encryption options that span the complete range from “completely unencrypted” to “LuxSci has no possible access“. It is up to the customer to choose where in that spectrum they fall … often balancing ease of use with security needs.
In the following sections, we will consider to what degree LuxSci can assist customers in accessing email (and WebAides) data, based on what encryption options the customer has chosen. We also discuss where and how your trust of LuxSci comes into play. Understanding if and when LuxSci can access encrypted data is different from understanding when messages are encrypted at rest.
Read the rest of this post »