" portal pickup Archives - LuxSci

Posts Tagged ‘portal pickup’

How to Overcome Email Encryption Challenges

Thursday, July 13th, 2023

If your business transmits sensitive information via email, encryption is often required to meet compliance standards. However, if encryption is difficult to use, employees and recipients alike may avoid secure channels and communicate sensitive information insecurely. Email encryption technology must be intuitive for employees to use and easy for recipients to decrypt to encourage adoption. In this article, we explore some of the main issues with email encryption and how to address them to improve the user experience.

man looking at computer frustrated by email encryption

Decrypting Messages is Too Difficult

If it’s challenging for recipients to decrypt messages, they go unread or deleted. Most users will not install new software or create new accounts to read an email message. They will delete the message and move on with their day. Encryption technologies like PGP and S/MIME are highly secure, but with that security comes a lack of usability. It’s essential to evaluate the message contents and select a level of encryption corresponding to the message sensitivity.

The User Experience is Poor

If reading encrypted messages requires the user to visit other websites, log in to other accounts, and verify their identity multiple times, it creates a poor user experience that drives individuals outside of secure channels to communicate. This defeats the purpose of using encrypted email and leaves people unsatisfied.

Email Encryption Technology isn’t Error-Proof

How many times have you forgotten to include an attachment when sending an important email? For users who need to send encrypted emails, remembering to type a keyword or press a button to enable encryption introduces risk, interrupts business processes, and generally limits productivity.

How to Improve the Email Encryption Experience

To address some of these issues, let’s look at a few ways that you can improve the email encryption experience for both senders and recipients.

Use TLS Encryption

Instead of using a secure web portal or exchanging S/MIME and PGP keys, use TLS as often as possible to encrypt emails. TLS is sometimes called “invisible encryption” because it provides a barely noticeable encryption experience for recipients. Emails sent with TLS encryption appear just like regular emails in the recipient’s inbox and do not require any additional steps to decrypt. TLS encryption is sufficient for most compliance requirements, including HIPAA, which makes it an excellent choice for many email communications.

Make Encryption Decisions Automatic

TLS is supported by over 80% of email clients, which means it’s appropriate in most situations. But what happens when TLS cannot be supported? For many encryption providers, that means they send the email without any encryption at all. For customers with compliance requirements, this is not an option. By choosing an email encryption provider like LuxSci, you can configure your encryption settings to automatically select a form of encryption that is compatible with the recipient’s email client. For example, if the recipient does not support TLS encryption, the email would be sent to a secure web portal to protect it. Users don’t have to run tests or make the right choice; LuxSci’s tool automatically chooses the right encryption option based on your configuration and the recipient’s settings.

Take Technology Choices out of Employee Hands

Make encryption opt-out instead of opt-in. By encrypting all emails automatically with TLS, employees do not need to decide if an email needs to be secured. As discussed above, TLS provides a user experience just like regular email, so it does not make it more challenging for the recipient to engage with messages. Encrypting all emails as a matter of policy reduces risk and does not slow down workflows.

Administrators can allow users to opt out of encryption if they choose to. This added step requires employees to think carefully about the message contents and ensure they are not sensitive before sending.

Conclusion

Email encryption does not have to be difficult to use. It’s possible to securely exchange information via email without negatively impacting the user experience. To learn more about how LuxSci’s SecureLine email encryption can help you protect sensitive data at scale, contact us today.

New Feature: Secure Email Tagline

Thursday, June 23rd, 2022

LuxSci is introducing a new email tagline feature to inform recipients that email messages are secured. This helps build trust and increase confidence with less tech-savvy recipients who do not understand how email encryption works.

secure email tagline

TLS Encryption

TLS encryption is now widely supported by the most popular email providers. As a result, more organizations are choosing to send emails containing sensitive data with TLS encryption. There are a few reasons for this:

  1. TLS encryption is permitted under HIPAA and most compliance regulations.
  2. It’s easier to use and does not require recipients to log in to portals to access their messages.
  3. The open and response rates are higher on TLS encrypted messages.

However, using only TLS to encrypt emails can be confusing to the laypeople receiving them. While it’s easy to use and “invisible,” that can be concerning when transmitting sensitive information. If it looks like a regular email, recipients may be concerned that the organization does not care about the security of their personal information. This perception can negatively impact the business and dissuade people from using digital channels.

Introducing a New Email Tagline

For these reasons, all Email Hosting, Secure Connector, Secure High Volume Email, and Secure Marketing customers who send emails encrypted via SecureLine will have a small tagline at the bottom of the email that indicates the message is secure. It looks like this:

message secured by LuxSci tagline

This tagline builds trust and lets the recipient know that the company has taken steps to secure sensitive data. If you are an existing customer, visit your email settings or contact Customer Support to enable this feature. New customers will automatically have the tagline enabled when sending SecureLine encrypted emails.

When can sending TLS-Secured Email be NOT HIPAA Compliant?

Tuesday, May 1st, 2018

In a question recently submitted to “Ask Erik,” John asked:

“How does sending a TLS-encrypted email sometimes become non-compliant?  Lets says I send an email from my Office 365 Business account to a gmail.com account which both support TLS encryption.  Is it because I do not know what path and what servers the email has to go through?  Does each server have to decrypt the email and is that when it becomes non-compliant?  I love the Luxsci forms by the way!”

This is a great question!  In a recent survey that LuxSci did, less than 50% the people interested in secure email even knew what TLS is and how it works.  So it is not surprising that there is a lot of confusion out there about what is acceptable for compliance and what is not.

Read the rest of this post »