31 Jan 2019
Why using email to send confidential information is a bad idea
Email is widely used by clients to communicate with expert networks, and by expert networks to communicate with experts. Ironically, it’s also one of the least secure means of communication in today’s digital world. It compares to sending a postcard – basically anyone along the way who’s interested can read the contents of a message.
Emails go through several intermediaries: Emails are not as direct as they might come across. On its way to the recipient, an email will pass through multiple servers, including the ISPs involved, with copies of the emails stored at each server.
You can’t affect how long the recipient stores the information: According to GDPR and other privacy legislations, personal data in emails should not be saved longer than necessary. But even if you have processes in place to follow the principles of storage limitation, you will never know how long the recipient saves the email for (or for how long third party servers will save copies of it).
You have no control of which security measures the recipient takes: You might be cautious enough to use an email program that supports encryption, but that caution is wasted if your recipient uses a non-secure service.
The human factor: Haven’t we all accidentally replied all, included the wrong attachment or sent an email to the wrong person? The human factor is well worth considering when deciding which steps to take to protect sensitive information. Once an email is sent it can not be changed or taken back.
So what has this to do with Inex One? Inex One is an Expert Management System used by clients to manage expert networks and expert calls. We replace the need of using an email program to communicate with expert networks, and the need of using spreadsheets to compile and administer expert profiles. Inex One’s product suite was built according to the principles of Privacy by Design, and the security and privacy of our clients’ data are our highest priority.
Contact us at firstname.lastname@example.org to find out more.