The Privacy Rights Clearing house currently tallies 542,608,451 records breached in the past 5 years. Unsecure email certainly contributes to the problem. Small business email (or any email) starts off on a secure or unsecure wired or wireless network then travels over numerous networks through secure or unsecure email servers often vulnerable to people who are in control of those servers.
There is also plenty of hacking and cracking tools bad guys (and good guys) use to sniff out that data in plain text.
With criminal hackers, government funded hackers and the various other snoops, email encryption today is essential.
In a recent study by Ponemon Institute, the latest U.S. Cost of a Data Breach report, which was just released today, shows that costs continue to rise. This year, they reached $214 per compromised record and averaged $7.2 million per data breach event. The fact is that individuals still care deeply about their personal information and they lose trust in companies that fail to protect it.
If your business operates under some form of regulation whether it is finance, healthcare, or any other regulation where fines are imposed in the event of a data breach, then email security should be a fundamental layer of your company’s information security protection plan. Plain and simple if you are concerned about compliance with regulations like HIPAA and the HITECH Act and the numerous state data breach notification laws look to email encryption.
At its basic level PGP encryption is one way to provide email encryption. More on that in the next post.