Securing Your Bank

Securing Your Bank's Email with 4-Layer Protection

  • By Eitan Bremler
  • Aug 18, 2014

Securing Your Bank's Email with 4-Layer ProtectionImagine getting an urgent phone call from one of your bank employees or contractors, apologizing for the fact that they had just accidentally sent an email with a customer’s confidential account information to a random email address. Or worse, what if the phone call came from the random person who received and opened the email…both cases have very bad implications and pose a massive breach of privacy.

Well, according to Reuters, this actually happened on June 23rd 2014, when a contractor at Goldman Sachs sent an email containing confidential client data to a stranger's Gmail account by mistake.

This is by no means the first time such a mistake happened, it occurred also in the past with other banks, such as Rocky Mountain Bank in Wyoming, where according to various news reports and the court filing, a customer of Rocky Mountain Bank in Wyoming asked a bank employee to email loan statements to a third-party representative. Unfortunately, the bank employee sent the information to the wrong Gmail address. To make matters worse, the data file attached to the erroneously-sent email contained confidential information on 1,325 accounts of other customers. The file included names, addresses, tax identification numbers, and loan information.

While the above cases did not end up costing the bank money, in other cases, sending a wrong email may indeed inflict penalties and fines on the bank or even loss of revenue which can reach millions of dollars.

There are four main reasons why situations as described above may happen:

  • Entering the wrong email address – The bank’s email sender is not required to choose from a closed list of email addresses, and is allowed to enter manual email addresses. In addition, there is no validation of the email recipient. This means, the sender might accidently enter a wrong email address (as per the stories above), or even incidentally send an email to a forbidden recipient.
  • Outgoing emails are not scanned for sensitive data leakage - The content of the emails sent by the bank are not scanned to ensure sensitive information is not emailed (leaked out of the organization). This means email senders can add any information they wish into emails, including sensitive information and there is no system in place to prevent such information from leaving the organization.
  • Emails are unprotected - The email sent by the bank is sent unprotected, allowing the recipient to open the email without requiring any authentication and/or password. If a wrong recipient receives an email, there is no safe guard preventing them access to the information and attachment within the email.
  • Email content is unencrypted - The attachment and content of emails sent by the bank is sent unencrypted, allowing any recipient to not only open the email but also read the content. This is the last line of defense in terms of emails; and in many cases, organizations do not implement it in order to simplify the process of sending the email and the lack of willingness to manage encryption keys.

Banks who are aware of the above reasons for sending email to wrong recipients are looking today for solutions to prevent such grave mistakes from occurring, while maintaining their employees and contractors email sending routines and methods.

Such organizations should deploy a secure email solution which consists of multiple layers of defense which together provide multiple fail-safe points along the process of sending an email to bank’s customers and business partners. These layers should include the following:

  • 1st Layer: should ensure the secured email is only sent to an email address available within the bank’s CRM, thus, preventing the situation of sending the email to a recipient who is unknown to the financial organization. In case the bank does wish to allow entering email addresses manually, it should ensure it implements the additional layers with even higher importance.
  • 2nd Layer: should allow scanning the content of sent emails using a DLP (Data Loss Prevention) system to ensure sensitive data is not sent.
  • 3rd Layer: store the encrypted package within the bank’s network and send the recipient a link to download the package, rather than the email itself, as it happened in the cases mentioned above. In addition, a one-time password or username and password is then needed in order to access the email within the server. This layer of protection offers 2 factor authentication, and prevents un-allowed access to the content.
  • 4th Layer: should allow to automatically encrypt the entire content of the email, including the email’s body and attachment. Thus preventing the situation of sending an email to a wrong recipient and them opening the email and reading the content.

Deploying such a solution will allow bank employees and contractors to send encrypted emails securely to customers and business partners, without disrupting their normal email routines, and does not require the recipient to install software or exchange keys.

About the Author

Eitan Bremler is director product marketing and product management at Safe-T.

Featured

  • 2025 Gun Violence Statistics Show Signs of Progress

    Omnilert, a national leader in AI-powered safety and emergency communications, has released its 2025 Gun Violence Statistics, along with a new interactive infographic examining national and school-related gun violence trends. In 2025, the U.S. recorded 38,762 gun-violence deaths, highlighting the continued importance of prevention, early detection, and coordinated response. Read Now

  • Big Brand Tire & Service Rolls Out Interface Virtual Perimeter Guard

    Interface Systems, a managed service provider delivering remote video monitoring, commercial security systems, business intelligence, and network services for multi-location enterprises, today announced that Big Brand Tire & Service, one of the nation’s fastest-growing independent tire and automotive service providers, has eliminated costly overnight break-ins and significantly reduced trespassing and vandalism at a high-risk location. The company achieved these results by deploying Interface Virtual Perimeter Guard, an AI-powered perimeter security solution designed to deter incidents before they occur. Read Now

  • The Evolution of ID Card Printing: Customer Challenges and Solutions

    The landscape of ID card printing is evolving to meet changing customer needs, transitioning from slow, manual processes to smart, on-demand printing solutions that address increasingly complex enrollment workflows. Read Now

  • TSA Awards Rohde & Schwarz Contract for Advanced Airport Screening Ahead of Soccer World Cup 2026

    Rohde & Schwarz, a provider of AI-based millimeter wave screening technology, announced today it has won a multi-million dollar award from TSA to supply its QPS201 AIT security scanners to passenger security screening checkpoints at selected Soccer World Cup 2026 host city airports. Read Now

  • Brivo, Eagle Eye Networks Merge

    Dean Drako, Chairman of Brivo, the leading global provider of cloud-native access control and smart space technologies, and Founder of Eagle Eye Networks, the global leader in cloud AI video surveillance, today announced the two companies will merge, creating the world’s largest AI cloud-native physical security company. The merged company will operate under the Brivo name and deliver a truly unified cloud-native security platform. Read Now

Most   Popular

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.