" email security Archives - HIPAA News, Web & Email Security Tips & News - Plus More | LuxSci
LuxSci

Posts Tagged ‘email security’

SSL versus TLS – What’s the difference?

Wednesday, September 20th, 2017

SSL versus TLS

TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications and servers in scenarios where that data is being sent across an insecure network, such as checking your email (How does the Secure Socket Layer work?). The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in fact the predecessor of the other — SSL 3.0 served as the basis for TLS 1.0 which, as a result, is sometimes referred to as SSL 3.1. With this said though, is there actually a practical difference between the two?

SSL versus TLS: What is the differenc?

See also our Infographic which summarizes these differences.

 

Read the rest of this post »

The Case For Email Security

Tuesday, March 31st, 2015

Section 1: Introduction to Email Security

You may already know that email is insecure; however, it may surprise you to learn just how insecure it really is. For example, did you know that messages which you thought were deleted years ago may be sitting on servers half-way around the world? Or that your messages can be read and modified in transit, even before they reach their destination? Or even that the username and password that you use to login to your email servers can be stolen and used by hackers?

This article is designed to teach you about how email really works, what the real security issues are, what solutions exist, and how you can avoid security risks.

Information security and integrity are centrally important  as we use email for personal and business communication: sending confidential and sensitive information over this medium every day. While you are reading this article, imagine how these security problems could affect your business or personal life and your identity…. if they have not already.

Read the rest of this post »

Do you need a VPN for Secure Email in a Wireless Hotspot?

Tuesday, January 28th, 2014

LuxSci has been approached by many people asking for VPN (Virtual Private Network) services.  When we ask them why, they indicate that they use wireless hotspots (like at Starbucks and other public places) that are insecure and untrusted and they want to be sure that their email is secure and encrypted there.*

Note that even if the hotspot is password protected and “secure”, that does not mean that it is “trusted”.  The hot stop administrators or other users of that hotspot could still try to intercept your Internet traffic.  So, just because it is a “secure” hotspot with the little lock next to it and a password that you must enter, do not assume you are safe at all.

Read the rest of this post »

Do I need to Buy an SSL Certificate to use Secure Email?

Monday, September 23rd, 2013

Our sales staff have been asked this question countless times.  It is a natural assumption that because SSL and TLS encryption of email (and web sites) requires use of an “SSL certificate“, that one must buy an SSL certificate in order to use such a service.  Fortunately, the answer is always

You do not need to buy your own SSL certificate to use secure email.

We’ll explain why.

Read the rest of this post »

What exactly does HIPAA say about Email Security?

Friday, August 30th, 2013

Performing daily business transactions through electronic technologies is accepted, reliable, and necessary across the nation’s healthcare sectors. Therefore, electronic communications and email have become a standard in the healthcare industry as a way to conduct business activities that commonly include:

  • Interacting with web-savvy patients;
  • Real time authorizations for medical services;
  • Transcribing, accessing and storing health records;
  • Appointment scheduling;
  • Referring patients; and
  • Submitting claims to health plan payers for payment of the services provided.

Read the rest of this post »

Do They Support TLS? Find out Fast

Friday, July 6th, 2012

Do you want your email messages sent “in the clear” across the Internet, where they could be read by anyone?

TLS (Transport Layer Security) enables email servers to automatically establish a secure channel between themselves so that your email messages can be securely transmitted from your servers to your recipient’s servers.  See: All about email delivery over TLS.

Read the rest of this post »

When is “Secure Email” only a Veneer of Security?

Wednesday, March 7th, 2012

I recently applied for a new insurance policy with fairly well known insurance agency (who shall remain nameless).  When all the preliminaries were done, the representative emailed me copies of the new policies.  They were “secure” emails.  I was very impressed … they thought enough of my privacy and identity to ensure that sensitive documents  would be sent securely.  And, working in an email security company, I actually know and appreciate the ramifications of that perhaps more than most.

So, once I finally got around to accessing the message, I discovered that it was really not secure at all!  Even though the subject said “secured”, the representative said it was secure, and the PDFs of the policy documents were not physically in the message, it was really completely insecure!  My faith in the company is now somewhat tarnished (though they might not even know about the issue) … and I have serious doubts about whatever provider they are using to facilitate these “secure messages”.

How do I know it was insecure?

Read the rest of this post »

Video: How SecureLine Escrow works – Sending secure email messages to anyone

Wednesday, June 23rd, 2010

This new tutorial video explains how SecureLine Escrow works for sending secure email messages to anyone on the Internet, no matter what kind of email service they have.  It discusses the security features of Escrow, how messages are sent securely, what the secure messages look like to the recipient, and how they are retrieved.

Watch Video: About SecureLine Escrow


HIPAA 2010: HITECH Impact on Email and Web Outsourcing

Wednesday, January 20th, 2010

Surprise!  HIPAA has changed, gotten bigger, and grown teeth.

The American Recovery and Reinvestment Act (ARRA, or The Obama Stimulus Bill), signed into law in February 2009, includes new, more comprehensive provisions for HIPAA. These provisions are in a section of the bill known as the Health Information Technology for Economic and Clinical Health Act (HITECH).

For organizations that are already required to abide by HIPAA (i.e. the “Covered Entities” of HIPAA), HITECH adds the following requirements:

Read the rest of this post »

Mitigating Threats To Your Email Security and Privacy

Sunday, March 8th, 2009

Email security issues and technologies are extremely complicated; however, here we intend to make the salient issues and solutions clearly understandable to all readers.

You may already know that email is not a perfectly secure communication medium; however, it might surprise you to learn just how inherently insecure email can be. Messages thought deleted can still exist in backup folders on remote servers years after being sent. Hackers can read and modify messages in transit, use your usernames and passwords to login to your online services, and steal your identity and critical information!

As the amount of crucial business conducted via email increases, so does the amount of Spam, viruses, hacking, fraud, and other malicious activity. Unless precautions are taken, email can leave you and your business open to escalating security and privacy risks. What are these risks?

Read the rest of this post »