We’ve spent 10 years developing email encryption and compliance services to help our customers meet their compliance requirements without impacting their normal business routine. We have a pretty good idea of what works for most customers, and we’re happy to share our expertise with you. Our customers range from independent contractors to some of the largest enterprise organizations, so we’re sure we can help you find the right solution.
For most customers, a hosted (or “cloud”) compliance solution makes a lot of sense. It’s far more affordable, more flexible with user licensing, and requires no management. However, there are still some requirements for a cloud solution. First, you should be able to route your mail to an external gateway. If you’re not sure if this applies to you, here’s a handy tip: if you’re using hotmail, gmail, or a POP3 account from your website host, you’ll probably can’t use an outbound gateway. We can still provide you with a gateway solution if you’re using a desktop mail client like Outlook. Otherwise, you’ll want to look at a software solution like ZixMail, or contact us about upgrading to a more professional email system. In most cases, this will be a compliance requirement anyways – mixing in confidential patient or financial information in a hosted email service is a bad idea. Some larger customers may have extensive on-premise network security, and an on-premise solution might make more sense. You’ll have added customization and administration features that a cloud solution can’t provide. A good choice would be the ZixGateway, the leading on-premise email encryption solution.
Compliance is a process, and usually takes more than just turning on email encryption for a few users. Consider which users could have access to your sensitive data – they are your primary concern. Also consider the risk posed by employees who could get access accidentally or maliciously, they’ll need to be protected as well. Finally, consider your state and federal requirements. Some laws offer a “Safe Harbor” exemption if you employ security standards across your entire network.
Email was designed to be a simple way to communicate. It has evolved into a much more complex network of communication, but we still expect it to be simple. If you have a handful of key business partners that you communicate with regularly, we can provide a transparent TLS connection for them with just a small setup fee. This could make things much easier for both of you. In some cases, they may already be using the same encryption network we do, and we can help you find out the best way to communicate with them securely.
If your recipients are end users – clients, patients, or customers – consider how they’ll react to seeing a new type of message from you. Other solutions have complicated passwords, .pdf attachments, or login pages to step through. These hurdles frustrate and confuse end users. Our solution is the simplest possible secure email solution: no software for the sender or recipient, no pre-enrollment or .pdf files. We can also help you customize your secure message center, or create a secure portal where customers can send sensitive documents securely to you.
Our service is customization from top to bottom. While our standard polices and message center work well for most of our users, we do offer extensive customization for a small fee. We can add logos and branding, create custom policies, and create reporting tools to help you meet any compliance requirement.