Securing Your Bank

Securing Your Bank's Email with 4-Layer Protection

  • By Eitan Bremler
  • Aug 18, 2014

Securing Your Bank's Email with 4-Layer ProtectionImagine getting an urgent phone call from one of your bank employees or contractors, apologizing for the fact that they had just accidentally sent an email with a customer’s confidential account information to a random email address. Or worse, what if the phone call came from the random person who received and opened the email…both cases have very bad implications and pose a massive breach of privacy.

Well, according to Reuters, this actually happened on June 23rd 2014, when a contractor at Goldman Sachs sent an email containing confidential client data to a stranger's Gmail account by mistake.

This is by no means the first time such a mistake happened, it occurred also in the past with other banks, such as Rocky Mountain Bank in Wyoming, where according to various news reports and the court filing, a customer of Rocky Mountain Bank in Wyoming asked a bank employee to email loan statements to a third-party representative. Unfortunately, the bank employee sent the information to the wrong Gmail address. To make matters worse, the data file attached to the erroneously-sent email contained confidential information on 1,325 accounts of other customers. The file included names, addresses, tax identification numbers, and loan information.

While the above cases did not end up costing the bank money, in other cases, sending a wrong email may indeed inflict penalties and fines on the bank or even loss of revenue which can reach millions of dollars.

There are four main reasons why situations as described above may happen:

  • Entering the wrong email address – The bank’s email sender is not required to choose from a closed list of email addresses, and is allowed to enter manual email addresses. In addition, there is no validation of the email recipient. This means, the sender might accidently enter a wrong email address (as per the stories above), or even incidentally send an email to a forbidden recipient.
  • Outgoing emails are not scanned for sensitive data leakage - The content of the emails sent by the bank are not scanned to ensure sensitive information is not emailed (leaked out of the organization). This means email senders can add any information they wish into emails, including sensitive information and there is no system in place to prevent such information from leaving the organization.
  • Emails are unprotected - The email sent by the bank is sent unprotected, allowing the recipient to open the email without requiring any authentication and/or password. If a wrong recipient receives an email, there is no safe guard preventing them access to the information and attachment within the email.
  • Email content is unencrypted - The attachment and content of emails sent by the bank is sent unencrypted, allowing any recipient to not only open the email but also read the content. This is the last line of defense in terms of emails; and in many cases, organizations do not implement it in order to simplify the process of sending the email and the lack of willingness to manage encryption keys.

Banks who are aware of the above reasons for sending email to wrong recipients are looking today for solutions to prevent such grave mistakes from occurring, while maintaining their employees and contractors email sending routines and methods.

Such organizations should deploy a secure email solution which consists of multiple layers of defense which together provide multiple fail-safe points along the process of sending an email to bank’s customers and business partners. These layers should include the following:

  • 1st Layer: should ensure the secured email is only sent to an email address available within the bank’s CRM, thus, preventing the situation of sending the email to a recipient who is unknown to the financial organization. In case the bank does wish to allow entering email addresses manually, it should ensure it implements the additional layers with even higher importance.
  • 2nd Layer: should allow scanning the content of sent emails using a DLP (Data Loss Prevention) system to ensure sensitive data is not sent.
  • 3rd Layer: store the encrypted package within the bank’s network and send the recipient a link to download the package, rather than the email itself, as it happened in the cases mentioned above. In addition, a one-time password or username and password is then needed in order to access the email within the server. This layer of protection offers 2 factor authentication, and prevents un-allowed access to the content.
  • 4th Layer: should allow to automatically encrypt the entire content of the email, including the email’s body and attachment. Thus preventing the situation of sending an email to a wrong recipient and them opening the email and reading the content.

Deploying such a solution will allow bank employees and contractors to send encrypted emails securely to customers and business partners, without disrupting their normal email routines, and does not require the recipient to install software or exchange keys.

About the Author

Eitan Bremler is director product marketing and product management at Safe-T.

Featured

  • UK’s NHS Hospital Transforms Security with Edge-processing Camera System

    i-PRO Co., Ltd.,(formerly Panasonic Security), a manufacturer of edge computing cameras for security and public safety, recently announced that a leading teaching hospital in Northeast England, has enhanced its security infrastructure with i-PRO X-Series cameras integrated with Milestone’s XProtect Video Management Software (VMS). Read Now

  • Gun Violence Report Finds Retail Spaces, K-12 Schools Most Targeted

    ZeroEyes, the creators of the only AI-based gun detection video analytics platform that holds the U.S. Department of Homeland Security SAFETY Act Designation, today announced the release of its annual Gun Violence Report, offering a deep dive into the landscape of gun-related incidents across the United States. This analysis extends beyond mass fatality events, providing a more nuanced understanding of when, where, and why shootings occur. Read Now

  • Agentic AI Will Revolutionize Cybercrime in 2025 According to New Report

    Malwarebytes, a provider in real-time cyber protection, recently released its 2025 State of Malware report, which reveals insight into the emergence of agentic artificial intelligence (AI), plus the year’s most prominent threats and cybercrime tactics. The report details a significant uptick in the number of known ransomware attacks, the total value of ransoms paid in 2024, and how IT teams can address them. Read Now

  • ESX 2025 Announces Expanded Schedule of Events

    ESX has announced its dynamic 2025 schedule, set to provide an unparalleled experience for professionals in the electronic security and life safety industry. Taking place June 16-19 at the Cobb Galleria Centre, this year’s event features an expanded lineup of educational sessions, hands-on workshops, inspiring main stage speakers, networking opportunities, and an engaging expo floor showcasing the latest technology. Read Now

Most   Popular

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.