By Jacob Ginsberg, Senior Director, Echoworx

Simple and secure communication that complies with regulatory requirements is vital in the financial services industry. Sensitive information is constantly being accessed and exchanged, both internally and with customers. The majority of financial services professionals now access files on the go, making secure email security and file sharing tools vital. The security risks are heightened, as are sanctions for regulatory non-compliance, so financial institutions must take even greater steps to ensure data is protected in transit.

For the financial services industry, specific legislation like the Gramm-Leach-Bliley Act and the EU Data Protection Directive require organisations to adhere to an ever changing group of standards and laws in order to safeguard company data.

A recent survey by Echoworx found that despite 83 per cent of financial services professionals using email more than any other form of communications in the office, 23 per cent either do not use or are unaware of any email and file sharing encryption technology in place. On top of this, research by the Ponemon Institute found that 68 per cent of employees ignore policies about emailing unencrypted sensitive documents through secure channels. Further, 61 per cent send unencrypted confidential information through insecure email channels.

This reveals a worrying attitude towards email security in some of the UK’s biggest financial services organisations. But, why is this happening? Email is hugely vital for business productivity, and if email security policies are proving to be a hindrance rather than a help, then employees are inclined to find a quicker solution which circumvents security controls.

Part of the problem is that a lot of companies and employees think that email encryption implementation is complicated, when actually, it’s not at all. Good email encryption solutions should make the process simple for both senders and recipients, while still keeping non-public personal information secure. Policy based email solutions remove the responsibility for security from individual employees by detecting specified keywords, attachments or number patterns like credit cards or National Insurance numbers.

Too many companies are still relying on the basic email encryption solution of Office 365, which is both cumbersome and doesn’t offer the same level of security as third party alternatives. By the time you get to read an encrypted message in Office 365, you will not only have completed nine different steps, but also given Microsoft some very personal information and accepted their privacy policy. Recipients also must accept the message using a Microsoft Hotmail or Office365 account, or sign in using a very insecure One Time Password (OTP).

In implementing a smart communications encryption solution, financial organisations can prevent incoming threats, prevent data loss or breaches and the associated financial and reputational damage. With IBM finding that the the cost of a data breach to a company has risen to about $3.8 million, this is something that companies are looking to avoid. It’s both difficult and expensive to retain your customers and regain their trust, let alone attract new business after a data breach.