But what if it’s not? It only takes one time, one breach of a client’s data, and your firm’s reputation is at stake. In fact, consider all that you are risking — your clients’ business privacy, your firm’s privacy, and civil and criminal penalties. Also consider that as the topic of data privacy continues to garner attention, clients may look to you as an expert, seeking education on how they can protect themselves against potential data breach. These are all good reasons to care and give security and privacy their due attention.
The Journey of the Standard Email
Now for the big question: Is email safe for sending sensitive documents? The truth is that if most people were aware of the multiple stops an email makes en route to its final destination, they might think twice about sending private information.
Email doesn’t simply move from your inbox to the recipient’s. It is transported across multiple servers, and at each stop point ‘sits’ unprotected. IT experts refer to this as “data in the clear.” While in the clear, emails are open game and at the mercy of the server administrator, who can alter or even delete a message. Below is a simplified illustration of the typical email journey.
Email will most certainly continue to be a primary delivery tools for firms. But as new data privacy mandates continue to emerge, firm leaders may want to look at alternatives for delivering sensitive financial data.
A Resolution to Email Insecurities — the Cloud (Portals)
A better solution for exchanging documents that contain private client data is through secure portals. Other industries, such as banking and healthcare, have converted to portals as a primary delivery tool. And clients within these niche markets have come to expect this level of service. Think about it. Would you even consider using a bank that didn’t offer online banking?
No one is saying email should be abandoned completely. Email will continue to be a firm’s primary communication source. It’s only when sensitive information like tax returns, social security numbers or financial statements are attached within an email that firms should consider a better alternative like portals. The best portal solution also offers the ability to use email as the core communication tool. However, via portals, sending a link to a document is secure because the document is stored online, not attached in the email.
Exchanging and delivering documents using portals eliminates the need to send complete documents as attachments in emails. It also alleviates several other pain points associated with emailing client information, such as encrypting files and creating, managing and communicating hundreds of passwords. Portals allow firms to store sensitive documents within a secure, personalized online space. Firms can then simply provide a link to a secure location where clients can log in and access current versions of their financial documents at any time and from anywhere with an Internet connection.
Email + Portals = Easy + Safe
A key reason why portals are fast becoming a popular document delivery tool is their ease of use for clients. The newest document portals offer the best of both worlds: You can use your own email system to send emails to your clients, but send them a link to a document in a secure portal, rather than attach the document itself to the email. This can be as easy as sending a friend a link to an interesting article on the Web, but it is secure, auditable and compliant. Clients really don’t even need to understand what a portal is. To access the document, they simply click on a link in the email.
Portals are also exceptionally secure, offering advanced, built-in security features. They require recipients to log in using a unique user ID and password to access documents. This ensures authentication and authorization in one fell swoop. Most portals also automatically provide an audit trail that enables administrators to view and set user permissions and track usage, and support automatic back up of data. Even better, portals teach your clients a safer way to communicate, as well — no more sending your firm sensitive information, like SSNs, via email. Everything can be exchanged in the portal. It’s a win-win.