Email Security and Compliance

November 2013

© 2013 by SherWeb. All rights reserved.

© 2013 by SherWeb. All rights reserved.

Did you know that….

58%of IT decision-makers prioritize solutions based on regulatory requirements

1/3American organizations has investigated a leak of confidential information via email in the past 12 months

1/5companies has fired at least 1 employee for email policy violations in the past year

55%of companies state that IT budgets negatively impact their ability to safeguard information

35%of data loss incidents are caused by email leakage

46%of companies allow personally owned PCs as a primary work device

© 2013 by SherWeb. All rights reserved.

The easy, safe route to compliance

We understand the challenges that healthcare institutions, publicly owned companies and financial institutions face in terms of HIPAA, SOX or GLBA compliance.

Even if companies don’t need to be compliant, the need to fully control digital information and protect it from the unregulated use of emails and poor record-keeping processes, which can result in leaks, loss and misuse of confidential and critical information is vital.

© 2013 by SherWeb. All rights reserved.

Some regulations

Health Insurance Portability and Accountability Act (HIPAA)• “Organizations must ensure that email messages containing personally identifiable health information are secured, even when transmitted via unencrypted links, and that senders and recipients are properly verified.”

Sarbanes-Oxley Act (SOX)• “Companies must establish ‘internal controls’ to accurately gather, process and report financial information. Encryption for financial information sent via email is necessary to ensure data integrity and to prevent unauthorized disclosure or loss.”

Gramm-Leach-Bliley Act (GLBA) • “Organizations must implement policies and technologies that ensure the security and confidentiality of customer records when transmitted and in storage.”

© 2013 by SherWeb. All rights reserved.

Email EncryptionOrganization Data Leak Prevention (DLP)Data Leakage Prevention allows keyword filtering of all incoming and outgoing messages, and enforces secure transfer rules based on policies set by the group administrator.

Residing on your email’s gateways, emails will be allowed, blocked or encrypted according to the content they hold.

How it helps you comply:• Avoids brand damage and financial liabilities caused by data leaks

• Allows you to easily make global rule changes for all staff

• Prevent data from being sent unsecured if certain words, patterns or attachments are included in the email message

• Reduces financial liability by “catching” errors prior to data leaving the organization

• Addresses compliance with privacy and national and state technical security safeguard standards (HIPAA, SOX, GLBA, PCI)

© 2013 by SherWeb. All rights reserved.

Email Encryption

End-to-end encryption (E2EE)End-to-end encryption allows organizations to securely send and receive emails and control, track and automate the delivery of all confidential email and attachments.

How it helps you comply:• Sends and receives encrypted emails and attachments with Outlook® through SSL

• Tracks and proves when an email is received, read, replied to or forwarded

• Allows users to set up recipient rules such as Forward/Reply Freeze, For Your Eyes Only (Password Protected) and more

• Integrates seamlessly with any email application on any operating system

• Prevents private data from being stored on the recipient’s device, thereby assuring confidential information remains protected, even if the device is subsequently lost

© 2013 by SherWeb. All rights reserved.

Compliant Archiving

How it helps you comply:• Addresses the demands of regulatory compliance, audits & eDiscovery

• Indexes, serializes and time/date stamps all emails

• Ensures the secure preservation and organization of the company’s intellectual business assets

• Reduces the risks of complications resulting from lost, deleted or poorly managed emails

• Stores all messages in secure mirrored East coast/West coast datacenters

• Allows for seamless message retrieval, regardless of age and size, with proprietary search engine technology

Compliant archiving solution creates permanent and auditable copies of all inbound and outbound emails. It also allows you to easily manage messages while helping you meet HIPAA and SOX requirements.

© 2013 by SherWeb. All rights reserved.

How It Works

© 2013 by SherWeb. All rights reserved.

The SherWeb Difference

Why choose the Cloud…

- Access to the latest technologies

- Expert management

- Pay as you go (no upfront cost!)

- Provider’s commitment (with Service level agreement)

Why choose SherWeb…

- Expert 24/7/365 phone, and email support

- Free mailbox migration performed by a dedicated team of experts

- Onboarding service with a dedicated agent

- Unbeatable value