Knowledge workers who have been faced with having to e-mail confidential or sensitive information know the drill. Break up the information into a few separate e-mail messages, use an external secure e-mail tool separate from your normal e-mail system, or just assume nothing can happen and send the e-mail regardless.
None of these solutions is ideal and taking action to secure e-mail frequently requires both the sender and recipient to take extra steps that interrupt their work and waste valuable time. Getting the information to the recipient securely may require phone calls, sending of passwords via separate e-mail channels, the creation of locked versions of documents in PDF, or packaging information in secure ZIP files.
E-mail presents us with two distinct problems. The first is the security of the message sent. Standard e-mail messages are not encrypted and are vulnerable to interception, making it necessary to take further precautions. The issue of e-mail security is particularly challenging for smaller organizations or individuals who may not have enterprise-level tools available to them.
Moving out of the e-mail client environment to ensure secure communications creates a second problem: in order to secure e-mail messages, the series of steps that must be taken slow down the knowledge worker, and are often simply ignored because of their complexity. Recently, my colleague Jonathan Spira related to me how he sent sensitive information to his banker. He first scanned the document, saved it as a PDF file, password protecting it from prying eyes, and then e-mailed it to the banker. He then called the banker and gave her the password over the phone.
Enlocked, an e-mail security company, is attempting to solve both of these problems in a way that will not only secure important communications and safeguard information, but also not disrupt the flow for the knowledge worker. Enlocked integrates into either the user’s browser or e-mail client, or it can be used via a mobile app. Users are given the option of hitting a “Send Secure” button when sending an e-mail, which encrypts the message using the company’s cloud servers. Enlocked uses the user’s existing credentials (e.g. Google ID if Enlocked is being used with Gmail) when encrypting, so the recipient can verify the validity of the encrypted messages.
On the recipient’s end, if they are an Enlocked user, the system verifies their identity in the same way, by checking the credentials of the plug-in or app. If they are not an Enlocked user, the recipient is prompted to either download the plugin or to use a Web-based Enlocked Anywhere tool.
The advantage of a system such as Enlocked is that it addresses the two problems outlined previously, namely security and ease of use. The process of taking the steps needed to exchange a secure e-mail is time consuming and causes the knowledge worker to leave the e-mail client. This violates the One Environment Rule, a key tenet of Basex’ vision of the productive work environment, the Collaborative Business Environment. Simply put, the One Environment Rule states that the more knowledge workers stay in one overarching environment to do their work, the more likely it is that the initiative will succeed, and the knowledge workers will be productive. Conversely, the more the knowledge workers are forced to switch work environments, the more likely they are to fail in their tasks.
When it comes to security, knowledge workers today are faced with a conundrum. They need to secure communications, but the process of doing so with the available tools slows them down and decreases their productivity. Knowledge workers already live in their inboxes (for better or worse), and to ensure they use secure communications, any encryption tools must be added to the e-mail client environment. Tools such as Enlocked, which recognize the necessity of allowing the knowledge worker to complete tasks without switching work environments, could bring easy to use e-mail security to the masses.
Cody Burke is a senior analyst at Basex. He can be reached at firstname.lastname@example.org