It is one of the first things we do when we start the day: check our email. And that is actually not surprising: a lot of communication now takes place via e-mail. And the best thing? It is always available. The days when we could only view new messages at the office are over: we are available anytime, anywhere. Working from home has also shown that this is important. Regardless of location or device: via email we all know where to find each other and we can share any kind of information we want.
But then the question arises: how do you want to organize this exchange of data as optimally as possible? One of the ways is through the use of Cloud e-mail. We explain in this blog how this differs from private e-mail, but at the same time can be just as secure.
What is email in the Cloud?
The Cloud is a virtual environment in which it is made easy to share messages and files with each other. This way you can access this data from any computer anywhere in the world. This works differently from private e-mail, where all this data is stored “in-house” on your own server.
The advantages of this are:
- Be able to work independently of location
Whether you work at the office, at home or from a holiday destination: you always have access to the data you need. As a result, you are not bound by the office opening hours and work is possible at any time.
- Less technical knowledge required
As an organization, you do not need to have technical knowledge in-house, as this is outsourced. This saves you both knowledge and time during, for example, updates and calamities, so that you can focus on the core business of your organization.
- Lower costs
There is no longer any need to invest in your own servers, updates and personnel. A cloud supplier has a scale advantage in this, so that the costs are always lower than if you were to do this yourself.
- Better and more efficient collaborations
Colleagues can work together faster and more efficiently. By storing projects in one central place, everyone always has access to them. This saves a lot of time and is useful if several people are working on one project. The days of having to forward documents multiple times, creating countless versions of a single file, are over: that not only makes collaboration stronger, but also more efficient.
Although the Cloud has mainly been gaining popularity recently, there are still many skeptics. Because with the sharing and storage of all information in one central place, how secure can this be? Admittedly, working in the Cloud also has its drawbacks:
Nevertheless, it is possible, provided that you as an organization take the correct measures to set up the Cloud service.
- The data is outside the organization
Working in the Cloud means that you let a third party store your data. With this you hand over the data and you have to rely on the safe storage of your data at your supplier.
- Legal impact
Many Cloud services are located outside of Europe and are mainly American-owned. The Cloud Act applies here: if this is desired by the authorities, they have the right to view your stored data. This works against the GDPR, where no one has the right to view your data.
- Working safely online
If online is the only way to work, then you need to make sure the connections are both fast and secure. This can be a challenge with multiple people working within an environment. But it is a plus: if you do not arrange this, chances are that cyber criminals, for example, can also gain access to this environment that is full of your (privacy-sensitive) data.
This is how you use Cloud email securely
Fortunately, working efficiently and simply does not have to be at the expense of working safely. This only applies if you take the correct measures for this. Even if you decide to have your data stored by a third party, you can assume that it will also be processed and stored securely.
To ensure that you can also work safely in the Cloud, keep the following in mind:
Working in the Cloud can therefore promote efficiency within your organization. It is important to take important steps here when it comes to the security of your data. Will the above be made possible, while your teams can continue to work user-friendly? Is your data stored securely, without others having access to it?
Zero-knowledge end-to-end encryption
When exchanging data, you want only the rightful sender and recipient (s) to have access to the data. This data must be protected for everyone else. This applies to your Cloud supplier and especially to cyber criminals. One way to do that is to send your data securely, with zero knowledge. Your data is encrypted, sent encrypted and then stored encrypted. This means that even your supplier, who takes care of the shipping and storage, has no access to your data.
Unfortunately, many suppliers do not use zero-knowledge: they do encrypt your data, but if necessary, authorities can request your data (Cloud Act). Encryption can thus be seen as a false security.
The decryption keys for opening the messages are sent separately and only to the authorized recipient (s).
Gone are the days of keeping your data safe with just a password. In fact, unless your password is extremely strong, it is made very easy for cyber criminals to access your data.
When sending sensitive data, the use of two-factor authentication (2FA) is recommended. This means that access to the data requires more than just a login name and password. You will be asked for additional authentication, which can be, for example, an SMS via the telephone. Only with this extra step will you gain access. That's nice, because suppose someone gains access to your inbox. If a message has been sent with 2FA, this person cannot read this message unless they have access to the code sent by SMS.
--> Read more: Why 2FA and SSO should be in your 2021 security strategy
Set a retention period
Are you working on a project basis? Then there is a good chance that not all files need to be available at all times. In order to link a maximum period of availability to a file, it is important to be able to set a retention period. For example, you can set it to leave highly sensitive files available for one day only. This allows you to prevent data from “floating around” unnecessarily when it is no longer needed.