" escrow Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more

Posts Tagged ‘escrow’

Has Your Email Been Read? Read Receipts and Web Bugs

Wednesday, July 1st, 2020

 

Customers often ask how they can know if a message has been read by a specific recipient.  Typically, this is done by requesting a “Read Receipt” when sending the message; however, read receipts are not reliable. Spammers use techniques such as HTML “web bug” tracking to see if you have read an email message and thus if your email address is valid and ripe for more spamming; this is also not reliable. LuxSci’s SecureLine Escrow service includes a 100% reliable Read Receipt function that can be used when it is essential to know if someone has read a message. It also allows for message retraction (removing further access to an email message).

This article goes over these various methods of determining if a message has been read, shows how each works, and discusses the pros and cons of each.

Read the rest of this post »

Ask Erik: Is misaddressed email a HIPAA breach?

Friday, December 8th, 2017

Read the rest of this post »

Next Generation Data Loss Prevention (DLP) with LuxSci Secure Email

Tuesday, September 29th, 2015

Data Loss Prevention (DLP) describes a plan for companies to control the sending of sensitive data.  E.g. this can include controls to stop the flow of sensitive data or to ensure that sensitive data is always well-encrypted (for compliance) when sent.

In the context of email, DLP is usually achieved through the following formula:

  1. Construct a list of words, phrases, or patterns that, if they are present in an email, signify an email message that may contain sensitive information.
  2. Have all outbound email scanned for these words, phrases, or patterns
  3. For messages that match, take action:
    1. Block: Refuse to send the message, or
    2. Encrypt: Ensure that the message is encrypted
    3. Audit: (and maybe send a copy of the message to an “auditor”)

This classic DLP system is available through many email providers and has been available at LuxSci for many years as well. However, it does have a glaring limitation — no matter how complete and complex your DLP pattern list is, it is almost certain that some messages containing sensitive information will not quite match (or the information will be embedded in attachments that can’t be searched properly).  If they do not match, then they will escape in a way that may be considered a breach.

Read the rest of this post »

Toggling Between TLS-Only and More Secure Encryption Methods

Thursday, September 10th, 2015

There are many ways to send an email securely.  These range from the super-easy-to-use but less secure “TLS” method (see About SMTP TLS) to the universal “pick it up on a secure portal method” (that we call Escrow), to the very secure but harder to deal with PGP and S/MIME methods.

Many people like to use just TLS for email transmission security whenever possible, simply because it is so easy for everyone to use — you can encrypt everything, using TLS when possible and Escrow when TLS is not supported by your recipients.

However, if you have compliance needs or deal with sensitive information, there are many situations where you may like to “jack up” the level of encryption from just enforced TLS to TLS if possible plus one of the other methods … one that is more secure and which provides for encryption at rest.  (See: Is Email Encryption via Just TLS Good Enough for Compliance with Government Regulations?)

Disabling “Just TLS” on a per-message basis is quite easy with LuxSci.

Read the rest of this post »

SecureLine Message Center: Free, Secure Message Access Portal

Thursday, April 23rd, 2015

LuxSci customers send encrypted email messages to anyone using the SecureLine Escrow system — recipients receive a notification of their waiting secure message and click on a link to access it after either answering a security question or logging into their free SecureSend account to verify their identities.

The SecureLine Namespace and Message Center features enable your recipients to login and see a history of all secure messages sent to them from your users and to easily open, read, reply to, and delete these historical messages any time … at least until they have expired.  The Message Center also keeps copies of sent messages — so it enables free WebMail-like behavior in the SecureSend secure messaging portal

Read the rest of this post »

LUXSCI