Encrypted Email and File Transfer Solutions are Vital for Businesses

Portland, Ore., July 9, 2009 - According to the Osterman Research white paper “The Critical Need for Encrypted Email and File Transfer Solutions,” encrypted email and file transfer solutions are becoming a business and legal necessity due to the high volume of sensitive content stored within and delivered via email. With increasing governance and regulatory obligations, the punitive consequences associated with failure to protect sensitive data outweigh the cost of deploying encryption capabilities.

The research also indicates that secure/encrypted email will be a top-five priority for organizational I.T. spending through late 2010.

The report was sponsored in part by Smarsh, the managed service leader in secure, innovative, and reliable email archiving and compliance solutions. Smarsh solutions for data-leak prevention (smarshDLP) and secure messaging (smarshEncrypt) help users meet email encryption obligations and secure file transfer needs, mitigate risk associated with outbound email and facilitate email supervision.

“Email continues to be the dominant communication and file transport mechanism used in business today, and email and attachments are vulnerable to multiple exposures and a variety of associated risks, simply via the nature of the transmission itself,” said Michael Osterman, president of Osterman Research. “A growing number of state and Federal statutes mandate that businesses encrypt the transmission of sensitive data. Companies are paying a heavy price for data breaches or content interception. Leaks of confidential corporate data and hardship to consumers carry consequences. Having a secure messaging and file transfer solution, such as smarshEncrypt, as part of a messaging management system is a mission-critical priority for today’s businesses.”

The study cites several examples in which the lack of encryption or other protection of confidential information led to enormously damaging and expensive mitigation efforts. By the end of 2008, 44 U.S. states had enacted data breach notification laws, and 25 countries had adopted similar rules. Relevant state and Federal statutes include:

  • Nevada and Massachusetts state laws. These states have developed laws requiring the proactive protection and secure transmission of customers’ personal information, and others are expected to follow.
  • HIPAA. The Federal Health Insurance Portability and Accountability Act (HIPAA) requires that policies and procedures must be established and implemented to protect the use and disclosure of individuals’ protected health information (PHI). As part of the American Recovery and Reinvestment Act of 2009, the provisions of HIPAA (and consequences of non-compliance) were significantly expanded to apply to business partners (attorneys, accounting firms, etc.) of entities already covered by HIPAA (pharmacies, healthcare providers, etc.).
  • Gramm-Leach-Bliley Act (GLBA) & Regulation S-P. Financial institutions are required to protect sensitive information collected regarding individuals. In accordance with the GLBA, the Securities and Exchange Commission’s Regulation S-P requires financial services firms to adopt written policies and procedures that address the administrative, technical and physical safeguards for the protection of customer records and information.

Non-compliance with email encryption mandates certainly carries consequences. At the same time, the report contends that businesses that proactively demonstrate secure infrastructure for their customers’ sensitive data are more likely to build trust, acquire new business and maintain their customers. Banks use encrypted access to data as a benefit for customers, and physicians are answering a demand from patients by communicating via secure messaging.

The white paper also cites the growing interest and dependence on dedicated, secure file transfer systems. Email attachments continue to increase in size, and transmission of the data within merits secure delivery. A dedicated file transfer system can ease the burden on email servers, and benefit users by eliminating the impact of email file-size limits. Email related storage and costs are reduced, as is impact on network bandwidth.

“Email and file transfer encryption does not need to be disruptive to business processes, cost-prohibitive or burdensome for internal resources,” said Smarsh CEO Stephen Marsh. “There are multiple points at which content can be encrypted and multiple models for deployment, and organizations need to find the right solution to meet their specific needs. The first priority needs to be finding a solution that offers peace of mind with data protection. Beyond that, it is important to put an email encryption system in place that is easy to use and administrate, that doesn’t complicate or impede other email system functions like supervision and that can be implemented cost-effectively.”

“The Critical Need for Encrypted Email and File Transfer Solutions” documents important factors for businesses to consider when deploying encryption systems.

About Smarsh

Smarsh® is the managed service leader in secure, innovative and reliable email-archiving solutions for message compliance and records retention, proactive litigation readiness and mail server data management. Smarsh solutions for data-leak prevention and secure messaging help users meet email encryption obligations, mitigate risk associated with outbound email and facilitate email supervision.

The SaaS (software as a service) delivery model enables clients to eliminate IT infrastructure costs and minimize operating burden, while benefiting from Smarsh’s expertise and experience in hosting large volumes of mission-critical client data. Customizable solutions fit the needs, budgets and technological infrastructure of any firm – big or small – and are matched with unrivaled customer support and service.

Founded in 2001, Smarsh’s growth has been recognized at both the local and national level. In 2008, the company was named to the “Inc. 500”, Inc. magazine’s annual analysis of the fastest-growing companies in the United States, while The Portland Business Journal recently ranked Smarsh No. 1 in its 2009 growth rankings for the state of Oregon.

About Osterman Research

Osterman Research was founded by Michael Osterman in 2001. Since that time, the company has become one of the leading analyst firms in the messaging and collaboration space, providing research, analysis, white papers and other services. The core of Osterman Research's capabilities is its market research panel of IT professionals and end users that are regularly surveyed on a variety of topics related to email, instant messaging, spam, collaboration, security, storage, archiving, data retention, compliance and other areas. For more information, contact Osterman Research at 1.253.630.5839 or visit ostermanresearch.com.

# # # #

Use the filters below to find regulations and laws relevant to you and your company.

© 2012 Smarsh, Inc. All rights reserved. The Smarsh logo and name are registered trademarks of Smarsh, Inc. The Bloomberg name and logo are trademarks
of Bloomberg Finance L.P. or its subsidiaries. All other logos, company names and product names are property of their respective companies.