On the Samsung Solutions Exchange, You’re Free to Roam

Employees are now demanding on-the-fly access to corporate email while on the go and flexibility to work beyond their company’s walls and secure networks. At the same time, IT is tasked with ensuring this corporate data still stays secure. However, often this security comes at the expense of employee usability and convenience.

To help bridge the gap, ZixCorp announced this morning that ZixOne is now available on the Samsung Solutions Exchange to help expand the mobile security options for enterprises using Samsung devices.

With ZixOne, companies can support and manage the increasing complexities of a mobile workforce through:

  • Protection of sensitive corporate data in email
  • Convenient employee access to corporate email
  • Compliance reporting to confirm that sensitive data is not exposed when a device is lost or stolen

Because of ZixOne’s unique “no-data-on-device” approach, employees are free to roam while accessing corporate data on their mobile device, and enterprises can rest assured knowing the risk of compromise is mitigated.

Any Questions?

Stay safe out there, and if you have any questions, just give us shout via Twitter (@ZixCorp).

Posted in Bring-Your-Own-Device, Company News | Tagged , , , | Leave a comment

Upcoming BYOD Webinar: State of Mobile Security in 2014

What BYOD challenges, security risks and technologies are companies responding to in 2014?

Find out by joining our webinar on July 15 at 2:00 p.m. ET when we showcase findings from the recent BYOD & Mobile Security Spotlight Report conducted by Holger Schulze of Information Security Community.

More than 1,000 IT decision makers were surveyed about the mobile threats facing their organizations and the BYOD solutions and strategies being used to combat them.

During this webinar, Holger and ZixCorp expert Geoff Bibby will discuss new BYOD insights, surprising trends and fresh perspectives on the state of mobile security. A Q&A will be opened up at the end.

Highlights from the report include:

  • The key drivers for BYOD are about keeping employees mobile (57 percent), satisfied (56 percent) and productive (54 percent)
  • The biggest BYOD security concerns are loss of company or client data (67 percent) and unauthorized access to company data and systems (57 percent)
  • The most common risk control measures are password protection (67 percent), followed by remote wiping of data (52 percent) and use of encryption (43 percent).

Can’t make the webinar? Stay tuned for a summary and archived recording.

Posted in Bring-Your-Own-Device, Technology | Tagged , , , | Leave a comment

Summer Fun with BYOD

It’s the time of the year to pack up the family and head on vacation! Whether your destination of choice is the beach, the mountains, or Disneyland, all that matters is spending quality time with loved ones.

Now, we all wish for a few uninterrupted days or even weeks of vacation every summer, but that just isn’t realistic in today’s connected environment. Instead, we need to find the best ways to limit those interruptions, so they don’t take away from precious time out of the office. With this in mind, we’ve come up with a few ways BYOD can bring balance and convenience to your summer vacation:

Easy to connect and disconnect

Certain BYOD solutions provide a buffer between work and personal information, allowing users to easily check what work items they need to, and then disconnect quickly. For instance, with ZixOne, you can check work email in a separate app from your personal email account, eliminating the urge to check work email when simply checking your personal account.

Less to take along

Would you like to fill that extra space in your travel bag with that new summer outfit or a work-issued device? BYOD allows you to take one device with you on vacation and leave that clunky computer or phone at home.

Keeps you sane!

When on vacation, occasionally having easy access to work email is actually a good thing. Setting aside a few minutes to read through emails, either early in the morning or after the kids go to bed, allows you to stay connected and limits the dread of going back to a full inbox.

Most secure way to check email

While it may not be on most employees’ minds, traveling can expose your devices to a number of security risks. Whether you lose your phone or connect to a rogue Wi-Fi network, there is a chance sensitive corporate data can be intercepted. With ZixOne, no corporate email resides on the phone. Instead it is securely accessed through the cloud and password-protected through the ZixOne app.

Working on vacation is not ideal, but with the right tools and self-control, it can be done efficiently and help ease the stress of returning to the office.

Here’s to a great summer vacation!

Posted in Bring-Your-Own-Device | Tagged , , , , | Leave a comment

Supreme Court Exposes Limitations of MDM Solutions

We’ve long alluded to the fact that mobile device management (MDM) has its limitations for both businesses and their employees. But hey, don’t take it from us….hear what the Supreme Court had to say in its recent ruling against cellphone searches without a warrant.

In the opinion statements, Chief Justice John G. Roberts rejected the argument that evidence won’t be able to be preserved by the police to do phone wiping or encryption:

Remote wiping can be fully prevented by disconnecting a phone from the network. There are at least two simple ways to do this . . .

He then goes on to describe the two ways:

First, law enforcement officers can turn the phone off or remove its battery. Second, if they are concerned about encryption or other potential problems, they can leave a phone powered on and place it in an enclosure that isolates the phone from radio waves.

The last bit describes the use of Faraday bags, which the Court goes on to explain in more detail.

(As a side note, it’s true that shielding the phone within a Faraday bag would prevent a remote wipe. However, such a technique would not prevent encryption from rendering the data unreadable.)

The bottom line – even the Supreme Court realizes that “wiping a phone” (the primary security defense used by MDM) is easy to circumvent and can’t be relied upon with a high degree of confidence.

While many IT admins may look towards remote wiping as a tool for BYOD security, it shouldn’t be the main piece of arsenal. At the end of the day, there are alternative methods of protection, such as keeping corporate data off the device and disabling access if the phone is lost or stolen.

What’s your take? Is remote wiping an effective or overrated security practice?

Posted in Bring-Your-Own-Device, Privacy | Tagged , , , , , , | Leave a comment

The Supreme Court’s Mobile Privacy Endorsement…and what it may mean for BYOD

This week was a landslide win for supporters of mobile privacy.

On Wednesday, the Supreme Court protected mobile privacy rights by ruling 9-0 against cellphone searches without a warrant. While this will impact the 12 million people arrested every year, it’s really just the tip of the iceberg when it comes to defining what’s reasonable in terms of mobile privacy in the digital age.

Chief Justice John G. Roberts Jr. set the stage for how cellphones play a role in our everyday lives.

Roberts, writing on behalf of the court, stated that cellphones are “such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy.”

That is, they contain the most personal details of our lives and searching a phone is as invasive – if not more so — as rummaging through someone’s home, which the Fourth Amendment protects against.

Roberts went on to say, “it is no exaggeration to say that many of the more than 90% of American adults who own a cell phone keep on their person a digital record of nearly every aspect of their lives—from the mundane to the intimate.”

The Supreme Court’s decision also has the potential to redefine what it means to have a reasonable expectation of mobile privacy and also represents a major blow to the security provided by mobile device management (MDM) solutions.

For one, the Supreme Court makes it pretty clear that mobile devices contain an exponential amount of personal information that would cause major distress if accessed without permission. We can also presume that the same amount of distress would occur if the device is wiped by an employer.

Typically, MDM policies require employees to download MDM software on their personal device. If the device is lost or stolen, an employer can send a command to wipe data from the device, ultimately deleting both corporate and personal data.

Given the decision that was just made, we would not be surprised if the discussion eventually shifted to the ethical and legal privacy concerns around MDM.

What’s your take? Does mobile device management cross the line when it comes to mobile privacy rights?

Posted in Bring-Your-Own-Device, Privacy | Tagged , , , , , , | Leave a comment

Zix Encryption Network – The Next Era of Email Encryption

While 2014 is being referred to as “The Year of Encryption,” it’s not a new concept – by a long shot.

Data encryption has been around for thousands of years. An early version dates all the way back to 50 B.C. when Julius Caesar used a simple encryption method to send private messages to his generals. Known as the “Caesar Cipher,” the encryption method involved substituting letters for another (A=D, B =E, etc.).

Okay, the Caesar Cipher doesn’t quite compare to current encryption standards, but it did spark a new way of keeping confidential information out of the hands of adversaries.

As the encryption journey continued, advancements in encryption took senders and receivers through complicated series of codes and cyphers, at times requiring complex mechanical and electromechanical machines, such as the Enigma Machine used in World War II.

Even in the 1970s when computers entered the equation, both the sender and receiver had to securely share the secret encryption/decryption key before encrypted messages could be unlocked.

Eventually, encryption expanded beyond an exclusive art practiced by military and government agencies. New cryptography advances, including Advanced Encryption Standard (AES), Public Key Cryptology, Transport Layer Security (TLS) and Secure Socket Layer (SSL), were introduced to enable businesses to protect online communications for everyday use.

Still, these encryption advances posed complexity, adding risks of security breaches and data theft.

Why 2014 is really the year of encryption

From ZixCorp’s perspective, 2014 is “The Year of Encryption” not because encryption itself is a new concept, but because there is finally a shift happening that brings secure, user-friendly encryption to the masses—and it’s right on time given the never-before-seen threats we’re encountering.

Leading organizations like Facebook and Google recently stepped up to make consumer email more secure, and today we’re showing our commitment to making business email secure by unveiling Zix Encryption Network.

Zix Encryption Network is a growing community, already 10,000 businesses strong, which enables the automatic exchange of encrypted email for all messages between members.

Once you are in the network, you can exchange encrypted emails without any additional steps. No passwords or portals – members simply send and receive email as they normally would and all messages leaving the network are automatically encrypted to other members, regardless of content.

Zix Encryption Network removes those pesky past barriers to securing email and has the infrastructure to support every single business worldwide, bringing a never before seen level of transparency and security to business email.

As the network grows, the more secure your business, customers and partners become.

Learn more about Zix Encryption Network and how you can be part of the world’s largest and most secure email encryption network.

Posted in Company News, Email Encryption, Privacy, Simple to Use, Technology | Tagged , , , , , | Leave a comment

An Inside Look into the ZixResearch Center

Recently, we sat down with experts from the ZixResearch Center to get insight into how ZixCorp’s industry-leading filtering policies determine which emails must be encrypted, or in the case of ZixDLP, which emails are quarantined. These policies provide a vital service to customers by identifying and protecting sensitive information in emails and attachments. Enjoy the Q&A below and feel free to leave comments if you have additional questions.

- Could you tell us the role of the ZixResearch Center within the company?

We have four people here to create and update specialized policy filters for types of words and terms. We created them when we first started in 2001/2002 and have been the owners and overseers ever since.

- In laymen’s terms, how would you describe a policy?

A policy is the instruction that tells our filter, ZixGateway, what to look for in emails. So, let’s say you’re reading an email message and you see a nine digit number (123456789). At a quick glance, you might think this is a social security number. Our policy-based instruction would see that nine digit number but would then look around the number for clues that tell the filter it’s actually a social security number. For, example, it would say, “John Doe’s SSN is 123456789.” Drilling down into that type of detail makes our policies more sophisticated than others.

- How are these instructions developed? How are they developed to specifically address regulatory requirements like HIPAA?

We created our first policy before the passage of HIPAA (the Health Insurance Portability and Accountability Act). We knew HIPAA was coming, and so we started looking at what would be included in it.

We created experimental materials and then actually took real email messages from a large health organization and read every single message. Then we put them in a box or a file and determined whether a message should or should not be encrypted. Based on that, we created what we called the jury standard for what should be sensitive, and then we actually used a different set of messages to tune the instructions to see how it was working.

- Do you get permission to use client messages?

We sure do. We also have messages that clients send us for analysis or creation of specific policies for their businesses.

- We’ve talked about the healthcare policy, but what other policies does ZixCorp use to identify sensitive information?

We also have policies for insurance, personal finance, corporate finance and profanity.

- How do ZixCorp’s policies compare to what other vendors are doing?

I work with a lot of clients who have used other products. One of the major differences our customers highlight is that our policies seem to be much more specific than other vendors.

- Do you come across any interesting/surprising stats on lexicons that you would be able to share?

Specifically for healthcare, when we first created its policies almost all customers were focused on limiting false positives.

Then in 2008, when the HIPAA regulations actually came into play, it was a shocking difference … people were saying they didn’t want to miss anything.

- How do you see policies and filters evolving in the future?

One trend we expect to see is a federal version of state breach regulations. The federal government is working on a bill that will replace state regulations. In a similar respect, we also expect policies to become more global as the market begins to address more global regulations.

Posted in Compliance, Email Encryption, Privacy, Simple to Use, Technology | Tagged , , , , , | Leave a comment

Upcoming Encryption Webinar: Learn How Zix Can Secure your Office 365 Email

With Office 365, organizations have access to business-class email along with cloud-hosted applications that can be accessed through a myriad of devices and online conferencing. The one thing it doesn’t offer is strong email encryption.

If you work in a regulated industry, share sensitive information via email or just want to simply make sure your email data is safe – you will need to turn to an outside partner.

Not to worry, Zix has your back with its simple Office 365 integration.

By choosing ZixGateway, Office 365 users have access to hosted email and easy-to-use, secure encryption from Zix that is fully regulatory compliant.

If you would like to learn more about why Zix is the best choice for all your email encryption needs, join our webinar on Thursday, May 22, at 2pm ET. You can register HERE.

Posted in Email Encryption, Technology | Tagged , , , | Leave a comment

Got GAME? Zix Brings Business-Class Message Encryption to Google Apps

Back in March, we were quick to applaud Google’s initiative to improve the secure email experience for Gmail users by forcing encryption through HTTPS connections.

Yet many organizations need stronger and more comprehensive message encryption protection, particularly those that depend on Google Apps to meet compliance requirements for regulations like HIPAA, Sarbanes-Oxley and PCI-DSS.

We have important news for compliance officers and security managers at those agencies and companies.

ZixCorp and Google are launching Google Apps Message Encryption (GAME) – end-to-end email encryption, powered by ZixCorp – available to the more than 5 million organizations and 50+ million users on Google Apps who require the highest level of message protection.

Currently, Google supports secure email within its infrastructure and between its customers. However, emails sent to users on other email systems such as Yahoo and Microsoft Exchange are vulnerable as they travel across the public Internet. That means that if Susie uses her company’s Gmail to send a document with thousands of Social Security Numbers to a business partner using Microsoft Office 365, the email is totally unsecure in-route and can be intercepted.

GAME allows encryption of email to every possible recipient, giving Google Apps customers the confidence that they are protecting the sensitive information of their customers and partners.

Industrial-Strength Encryption 

In the midst of growing awareness regarding data threats and NSA revelations, it’s more important than ever that companies have a reliable solution for the secure exchange of valuable customer and corporate data.

GAME provides “industrial-strength” email encryption that guarantees their sensitive information is safe from prying eyes and helps businesses like doctor’s offices and law firms comply with regulations like HIPAA, Sarbanes-Oxley and PCI-DSS.

Google’s First Step in Taking End-to-End Email Encryption Mainstream

Currently, typical encryption alternatives like PGP (Pretty Good Privacy) are complicated and difficult for non-technical people to use.

Unlike PGP, Encryption keys are managed automatically, which can be a major hassle for the users. In addition, GAME provides a convenient user experience for recipients inside or outside the Google network.

Any Questions?

 Stay safe out there, and if you have any questions give us a shout in the comments section below or via Twitter (@ZixCorp).

Posted in Company News, Email Encryption, Partner Update, Technology | Tagged , , , , , , , | Leave a comment

What It’s Like When You Lose Your Device

We all know what it feels like to lose a smartphone.  Even if it’s just misplaced for a few minutes, that sinking feeling in your gut is unmistakable. That feeling doubles when you realize your phone also contains sensitive corporate data and you might have to report it to IT.

Oh no. Where is my phone?

Image: Playbuzz (http://www.playbuzz.com/scotto/do-you-know-your-internet-talk-or-are-you-a-total-noob)

Oh no oh no oh no oh no oh no….

Image: Hilarious GIFs (http://www.hilariousgifs.com/)

Okay, don’t freak out. It’s got to be around here somewhere.

Image: Tumblr, gif reactions (http://gifreactions.tumblr.com/)

I’m just going to search in every pocket and crevice until I find it.

Image: Tumblr, gifak-net (http://gifak-net.tumblr.com/)

Remember to breathe.

Image: Tumblr, Live and Love Sherlock (http://liveandlovesherlock.tumblr.com/)

“Hey Joe, can you call my phone?”

Image: Know Your Meme (http://knowyourmeme.com/memes/yes-this-is-dog)

Never mind, I put it on silent during our staff meeting.

Image: someecards (http://www.someecards.com/)

Let’s retrace every step I took today….think, think, think.

8. Turk

Four hours later….oh crap, I need to report this to IT.

Image: Mr W Gifs (http://mrwgifs.com/ted-buckland-ok-fine-on-scrubs-gif/)

Remembering where your phone is a few minutes later. Rejoice!!

Image: Tumblr, I Need This For Reactions (http://ineedthisforreactions.tumblr.com/)

Opening your phone to find it’s been wiped by IT.

Image: Tumblr, GIF Hunterress (http://gifhunterress.tumblr.com/)

Officially, the worst day of your life.

Image: Tumblr, brezzyimpact (http://brezzyimpact.tumblr.com/)

What about my contacts and texts?

Image: Tumblr, Just Another Cinemaniac (http://justanothercinemaniac.tumblr.com/)

What about my family photos?

Image: Tumblr, AKA Foxx Club (http://akafoxxcub.tumblr.com/)

What about my apps and music?

Image: Tumblr, Gemini-Dragon-Gifs (http://gemini-dragon-gifs.tumblr.com/)

The blasphemy!!

Image: US 105 FM (http://us105fm.com/top-10-anchorman-quotes-with-gifs/)

Thanks MDM – wish my company used ZixOne.

Image: Photobucket (http://s20.photobucket.com/user/chalkitdown/media/TV Shows/Entourage/phonethrow.gif.html)

 

 

Posted in Bring-Your-Own-Device, Technology | Tagged , , , | Leave a comment