" tls Archives - LuxSci

Posts Tagged ‘tls’

New Feature: Secure Email Tagline

Thursday, June 23rd, 2022

LuxSci is introducing a new email tagline feature to inform recipients that email messages are secured. This helps build trust and increase confidence with less tech-savvy recipients who do not understand how email encryption works.

secure email tagline

TLS Encryption

TLS encryption is now widely supported by the most popular email providers. As a result, more organizations are choosing to send emails containing sensitive data with TLS encryption. There are a few reasons for this:

  1. TLS encryption is permitted under HIPAA and most compliance regulations.
  2. It’s easier to use and does not require recipients to log in to portals to access their messages.
  3. The open and response rates are higher on TLS encrypted messages.

However, using only TLS to encrypt emails can be confusing to the laypeople receiving them. While it’s easy to use and “invisible,” that can be concerning when transmitting sensitive information. If it looks like a regular email, recipients may be concerned that the organization does not care about the security of their personal information. This perception can negatively impact the business and dissuade people from using digital channels.

Introducing a New Email Tagline

For these reasons, all Email Hosting, Secure Connector, Secure High Volume Email, and Secure Marketing customers who send emails encrypted via SecureLine will have a small tagline at the bottom of the email that indicates the message is secure. It looks like this:

message secured by LuxSci tagline

This tagline builds trust and lets the recipient know that the company has taken steps to secure sensitive data. If you are an existing customer, visit your email settings or contact Customer Support to enable this feature. New customers will automatically have the tagline enabled when sending SecureLine encrypted emails.

Does TLS Email Encryption Meet Compliance Requirements?

Tuesday, February 22nd, 2022

In this article, we discuss what types of email encryption are sufficient to comply with government regulations. TLS encryption is a good option for many organizations dealing with sensitive data and legal requirements. However, TLS does not protect data at rest. Each organization must undertake their own risk assessment to determine which encryption methods are suitable to fulfill legal requirements.

Read the rest of this post »

Email Encryption for HIPAA Compliance: SMTP TLS vs Portal Pick Up

Tuesday, February 15th, 2022

Email encryption is an addressable standard for HIPAA compliance, but that doesn’t mean it’s optional. When sending sensitive data via email, it should be protected with encryption. However, there are many ways to send a secure email message and HIPAA does not require the use of a specific method.

The two most common email encryption methods include SMTP TLS and Secure Portal Pick Up. This article will discuss the differences between them and provide guidance for what to use in a HIPAA compliance context.

email encryption for hipaa

Read the rest of this post »

Are Replies to my HIPAA-Compliant Secure Emails also Secure?

Friday, June 18th, 2021

Sending HIPAA-compliant secure emails is easy- LuxSci’s services allow you to send secure emails to anyone with an active email address. One common question is whether the replies back to these messages will also be HIPAA compliant. This is especially a concern when customers choose to use TLS only a a secure means of email delivery.

In this article we will break down the various ways that messages are sent securely from LuxSci to recipients across the Internet, and how replies behave — and whether they are secure and compliant. At the end, we provide some recommendations for best practices for maximizing data security.

Read the rest of this post »

Opportunistic TLS for SMTP

Tuesday, December 15th, 2020

If you want to make sure your emails are secure and private, opportunistic TLS for SMTP won’t quite cut it. To explain why, first we have to step back a bit.

Most people don’t put a lot of thought into how their emails are sent and received, so it’s not unusual for them to think it works akin to teleportation or magic–that messages somehow just appear right in their inboxes.

While the rapid delivery speeds may seem to justify such presumptions, there are actually a bunch of steps under the hood. When you send an email, it uses a protocol called the Simple Mail Transfer Protocol (SMTP) to make its way through to your recipient’s server. From there, your recipient uses another protocol such as ActiveSync, POP3, MAPI, or IMAP, or a Web-based interface, to pick it up and read it.

Opportunistic TLS

Unfortunately, these aren’t always secure by default. Under its original design, emails are sent as plaintext. This means that anyone along the email’s journey can see (and even change) their contents. This can include those in charge of the servers, the government, and even hackers that intercept the data.

Thankfully, engineers weren’t completely oblivious to this glaring security hole, and they have introduced a number of mechanisms that can be leveraged to protect email.

Read the rest of this post »