" secureline Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more
LUXSCI

Posts Tagged ‘secureline’

Opt-In Email Encryption is Too Risky for HIPAA Compliance

Tuesday, July 11th, 2017

A majority of companies and hospitals that offer email encryption for HIPAA compliance allow senders to “opt in” to encryption on a message-by-message basis.  E.g., if the sender “does nothing special” then the email will be sent in the normal/insecure manner of email in general.  If the sender explicitly checks a box or adds some special content to the body or subject of the message, then it will be encrypted and HIPAA compliant.

Opt-in encryption is desirable because it is “easy” … end users don’t want any extra work and don’t want encryption requirements to bog them down, especially if many of their messages do not contain PHI.  It is “good for usability” and thus easy to sell.

Cybersecurity opt-in email encryption

However, opt-in encryption is a very bad idea with the inception of the HIPAA Omnibus rule.  Opt-in encryption imposes a large amount of risk on an organization, which grows exponentially with the size of the organization.  Organizations are responsible for the mistakes and lapses of their employees; providing an encryption system where inattention can lead to a breach is something to be very wary of.

Read the rest of this post »

Automating the Sending of Secure Messages

Monday, February 1st, 2016

Do you have an application or system that needs to send secure messages on demand?  Do you need the flexibility to encrypt messages in different ways, to include files, HTML, and read receipts, or to have the messages be fully HIPAA compliant?

LuxSci has added secure messaging functionality to its Application Programming Interface (API).

Customers with SecureLine, LuxSci’s message encryption service, can now send secure messages though LuxSci’s REST API.  Features of this service include:

  1. Up to 100 recipients/message  (total daily and monthly recipient limits also exist and can be negotiated).
  2. Up to 70MB of content (body and attachments) per message.
  3. Email encryption via SMTP TLS, Escrow, PGP, and/or SMIME.
  4. The ability to toggle between use of TLS and Escrow on a per-message basis, depending on the level of security needed.  See: next generation opt-in email encryption.
  5. Message delivery tracking
  6. Read receipts — invisible to the recipient and reliable (with SecureLine Escrow).

If you would like to give LuxSci’s SecureLine messaging API a try, please contact LuxSci support and we can enable API access for your real or free trial account.

See also our General API Usage guide, and our API User Functions guide.

Does TLS Corruption Spell the end of SMTP TLS?

Tuesday, November 3rd, 2015

We have seen discussions recently about how attackers can interfere with SMTP TLS, influencing connections, and causing them to be downgraded to insecure — SMTP without TLS.  E.g. Ars Technica’s – “Don’t Count on STARTTLS to Automatically Encrypt your Sensitive Emails“.

What is being discussed here is a very real attack on Opportunistic TLS. I.e. the kind of automated establishment of encryption that can happen when two email servers being their dialog and discover that “hey, great, we both support TLS so lets use it!”  In such cases, servers take the “opportunity” to use TLS to encrypt the delivery of an email message from one server to another.  Opportunistic TLS is great as it is enabling automatic encryption of more and more email over time (see: Who supports TLS?).

The problem is that the initial negotiation of the SMTP email connection, before TLS is established, occurs over an insecure channel.  A man-in-the-middle attacker can interfere with this connection so that it appears that TLS (i.e. the STARTTLS command) is not supported by the server (when it really is).  As a result, the sending server will never try to use TLS and the connection will remain insecure — transmitting the email message “in the clear” and ripe for eavesdropping.

Read the rest of this post »

Get facebook Email Notifications Securely with LuxSci Email

Wednesday, September 23rd, 2015

facebook has a great feature where you can have all facebook notifications sent to you using PGP-encrypted email.  This is great if you want to be sure that noone except for you can read these messages.

LuxSci has supported sending and receiving PGP-encrypted email for the last 10 years, since the introduction of SecureLine email encryption services (10 years old this month).

In this article, we show you how users of LuxSci WebMail with SecureLine can setup facebook so that all facebook notices will be encrypted and delivered securely to their email Inboxes.

If you don’t have LuxSci email hosting yet, you can try it free.

If you are a LuxSci customer but don’t have SecureLine yet, you can upgrade.

Read the rest of this post »

Are you Minimizing your Risk by using the Next Generation of Opt In Email Encryption?

Friday, September 11th, 2015

We have long held that leaving it to each sender/employee to properly enable encryption for each sensitive message (a.k.a “Opt In Encryption”) is too risky.  Why? Any mistake or oversight immediately equals a breach and liability.

Instead, LuxSci has always promoted use of “Opt Out Encryption,” in which the account default is to encrypt everything unless the sender specifically indicates that the message is not sensitive.  The risk with Opt Out Encryption is very much smaller than with Opt In.  (See Opt-In Email Encryption is too Risky for HIPAA Compliance).

The problem is: many companies use Opt In Encryption because it is convenient when sending messages without sensitive information — you just send these messages “as usual,”  without forethought.  These companies are trading large risks in return for conveniences.

LuxSci has solved the “Opt In vs. Opt Out” conundrum with its SecureLine Email Encryption Service.  You could say that SecureLine enables the “Next Generation” of Opt In Email Encryption — combining both usability and security.

Read the rest of this post »

LUXSCI