How a shocking security gap poses a threat to your organisation

June 20, 2014

While most big technology companies are keen to point out the security measures they employ within their services, they are much more reticent about what happens when they need to talk to other organisations. That's because there's a serious security gap.

Back in October when the extent of the American National Security Agency's use of personal data came to light, the Electronic Frontier Foundation surveyed the big technology companies to discover what they did to keep data secure.

The results were shocking and showed huge gaps where personal and sensitive data is vulnerable to attack. This was because, while one organisation may have top-level encryption in place, they have no control over what another organisation does and, clearly, encryption only works in communication if both parties are doing the same thing.

Since October, some measures have been put in place to protect users' messages and attachments; however, it's clear there are huge vulnerabilities that must be addressed.

Steve Henn, in his All Tech Considered on, followed up the EFF's work with a survey of the main web service providers and reported that some progress has been made.

He said: "But emails that pass between different companies are only secure when both agree to encrypt the traffic.

"Google has started publishing the percentage of email it sends and receives from other providers that are actually encrypted. One thing is clear: A lot more email traffic is encrypted today than a year ago, and since Google started publishing these numbers, the figures have shot up."

However, while the giants such as Microsoft, Amazon and Facebook are starting to improve security for users, it should not be taking as a signal to relax in the knowledge that things have been "fixed".

The minute communication and data flow between one organisation and another - unless there is a matching encryption protocol - a huge security risk exists, unless defensive action is taken.

Kashif Khan, VP Business Development at ENTWRX, said: "The biggest security risk is undoubtedly in the 'last mile', regardless of how strong a company's encryption policy is.

"When your employees use an unapproved third-party application to open documents the whole organisation is vulnerable to data leak. It's something most users are oblivious to.

"It's no surprise that companies whose bread and butter is to deal with enterprises on a daily basis have now realised this, and are now beginning to bridge the gap. For many of these global organisations, we're playing a huge part in the solution.”

ENTWRX SecureWrx product provides a secure enterprise document workflow solution. It allows employees to use a fully-featured office suite on their mobiles and tablets, yet keeps crucial data within secure boundaries.

"Around the world, currently millions of users are protected using ENTWRX's technology. However, there are innumerable others that need to address their security gap before it's too late," added Kashif.

Current ENTWRX customers include Good, Fixmo, Globo, Excitor, TeamDrive, Soliton, Fasoo, Soonr, JiranSoft and 13Systems.

For more information about how your enterprise's data can be protected contact ENTWRX.

Back to the ENTWRX blog