When it comes to data leakage, it doesn't really make a difference whether your business is B2B or B2C—customer communications is still risky business. Selling business-to-business often involves exposing sensitive parts of the enterprise—giving your business customers access to online payment portals, shared drives, and sensitive information like bank account numbers. Do your business customers have the controls in place to keep that information secure?
Some might argue that B2C companies have it a little bit better. With enterprise customers, it can be tough to tell whether they're genuinely invested in information security, or just paying lip service. Make the wrong assumption, and you're toast. As far as ordinary consumers are concerned, enterprises don't really have to worry about exposing sensitive applications—but they do have to worry about data leakage.
Liabilities from Communicating with Consumers
We already know that an escalating number of data breaches can be put down to employee or system error. If you're an organization that communicates with consumers primarily via email, you may live in fear of an incident like Nutmeg's 2015 data breach. During this incident, the financial services startup accidentally sent out emails that allowed recipients to view users' financial information other than their own.
In a similar incident, the Washington State Liquor and Cannabis Board (WSLCB) accidentally sent tax returns, SSNs, and other personal records to a journalist looking for records on retail license applicants. Notably, these documents were sent out without password protection—meaning that anyone who was sent them in the past can still download them at will. Whether it's corporations or government agencies involved, the risk of an accidental data breach is large.
B2B Communications Risks
In addition to data leakage, enterprises who focus on B2B sales must navigate another hazard—where does data go after you send it on? For audit and compliance purposes, you should always establish a paper trail that goes along with a data trail. Once the data you send over ends up in the hands of your customers or partners, however, how do you control where it goes next?
Safe-T Box Secure Email Solutions
As part of the overall Safe-T Box package, users get a secure email solution which helps govern the exchange of data between enterprises, their customers, and third parties. The solution is presented in three layers. In layer one, our solution can connect to a DLP solution, to make sure the emailed data is not sensitive and can be sent, and then encrypts the body and attachment of an entire email. Only the intended recipient will be able to read it.
In layer two, the solution checks the recipient. The name of the recipient can be verified against anything from a user's address book to a corporate CRM. This prevents sensitive emails from being sent outside of a trusted circle of individuals.
Lastly, the third layer acts as a buffer that cordons off any unanticipated recipients that the second layer didn’t catch. It wraps up the entire email as a downloadable package. Instead of directly receiving the email, recipients receive a link where they enter a username and password—plus a one-time-password if two factor authentication is enabled—in order to view the email itself. And if the recipient wants to reply back to the original sender with an attachment, that can also be secured and the attachment can be scanned with an anti-malware solution.
In this way, Safe-T Box doesn't just prevent emails from being sent to the wrong address. We offer a way to revoke access to any documents that may have been sent by accident—effectively "un-sending" erroneous messages. To learn more about Safe-T Box, and how to keep your customer communications secure, check out the White Paper: The Ins and Outs of Secure Data Exchange.