The trusted alternative to mass market instant messaging solutions
Boost communication by inviting thousands of members in dedicated chat rooms!
Cryptobox provides businesses and organizations with a sharing and collaboration solution to secure internal and external exchanges, using end-to-end encryption.
Cryptobox is the first secure sharing and collaboration solution to provide end-to-end data encryption, whether your device is a smartphone or a computer.
The digital transformation affects all businesses and organizations, from the smallest to the largest. This transformation brought about by technological developments offers many benefits:
To meet the new challenges of mobility and remote work, Ercom has developed Cryptosmart PC, a sovereign VPN solution to secure the connections of your remote Windows computers.
Cryptosmart is the only “Restricted” French & NATO certified solution, jointly developed with Samsung, to secure end-to-end mobile communications on consumer devices.
Posted 7 janvier 2020
Intellectual service providers (consultants, auditors, lawyers, notaries, etc.) handle sensitive information for many clients on a daily basis. The digital transformation landscape in which every organization is now evolving imposes new ways of working, combining efficiency and mobility across functions. Then comes the topic of cyber-security. If collaborative tools are indispensable nowadays to work anytime and anywhere, they are sometimes misused in a professional context, putting at risk confidential data entrusted by clients. Ensuring the integrity of data at rest and in transit between organizations and their clients is now a critical prerequisite for sustainability. Explanations.
What could be more confidential than communications between lawyers and consultants and their clients? All of these trades deal with sensitive information and issues entrusted by various clients. From merger and acquisition strategies to joint ventures and reorganizations, labor laws (tax optimization, HR transformation), competition or intellectual property matters (launching new products, innovation, patents, inventions), communications are often very sensitive. It is this confidential and valuable information that pirates are after.
It is this necessity to work in a short circuit and accelerate communications that pushes these professionals to choose collaborative tools to simplify data sharing and storage. Naturally, out of personal habit, necessity or productivity, it is consumer collaborative tools such as Google Drive, Dropbox or WeTransfer that are widely used for professional use. In addition to exposing organizations to cyber-threats, using these solutions leads to fragmentation, loss of control and loss of guarantee, which is known as “Shadow IT“.
It is then necessary to find solutions designed to meet business needs without disrupting users, with security integrated early on, at the design stage.
Ensuring confidentiality is essential for consulting and law firms. This is sometimes an explicit requirement included in tenders. It is therefore necessary to justify and prove that systems in place ensure secure communications.
Would you leave the door to your office unlocked if it contains highly confidential documents? Within an internal network, everything is interconnected and so a single infected link can contaminate an entire infrastructure. Some organizations – especially those of modest size – may not have the necessary operational resources and expertise to anticipate, detect and remediate security breaches.
Most collaborative tools proudly feature one or more “encryption at rest” and “encryption in transit” statements. Although providing a minimum level of security is now standard, protection is by no means fully ensured.
A file uploaded by either party will only be encrypted on the server once it has been processed by the system. At the end of the secure channel (SSL, TLS), the file will arrive unencrypted on the server, and may then pass through an anti-virus, an indexing engine, a thumbnail generator, etc. There are so many areas in a server where a person with malicious intent will be able to extract a file without being spotted.
Above all, employees must be made aware of best practices and trained accordingly. Individual accountability can help lower risks. It should be reminded that collaborative tools concentrate highly coveted strategic data and that basic security measures need to be applied.
One of the first measures is to give access to the files, via the chosen sharing solution, only to the necessary people, whether they are employees of the firm, the client or external consultants. This is what is called, especially in the military world, the “need to know”.
It is also necessary to ensure data integrity, manage data location and several access levels, and have complete autonomy from administrators.
If accessing collaborative solutions from a smartphone, it is important to ensure that it is also secure. One of the major risks is the interception of data in transit and any associated instant messaging platform. From the moment data travels through regular networks, it becomes potentially accessible and readable. To do this, cyber-criminals have many tools at their disposal: hacking Wi-Fi networks and applications, stealing smartphones or intercepting communications.
In any event, reputation, whether collective or personal, is a major asset to your firm, and, for reasons of sustainability, cannot be allowed to be affected.
A security breach that exposes your clients’ strategic data could have catastrophic consequences, and calls into question the foundations of your firm based on recognition and trust.
The consequences are therefore major: not only can data disappear, and personal or industrial secrets be made public, your firm’s image would be damaged, but also the confidence of clients and future clients would be seriously damaged.
Are you sure you have all the necessary measures in place to ensure your client data is safe?
If not, are you willing to take the risk?
Cet article vous a plu ? N'hésitez pas à le partager