Email encryption – Breaking through the plateau of hype

Technologies often evolve from humble and fragmented beginnings. This situation is usually where there seems to be a myriad of providers and manufacturers all busy beating to different drums.

This seems to happen until the time that one drum resonates loudest or offers the customer what they are really looking for and kicks things off with a technology breakthrough. Technology promises are made, publicity triggers interest, and the hype begins.

New technologies typically follow a path known in the IT industry as, the “Hype Cycle.” The hype cycle tracks maturity, user adoption, and broad social application of a specific technology within the marketplace.

Reaching the plateau of hype

Successful technologies tend to revolve around common protocols and standards, with their benefits widely, tested, demonstrated, and applied throughout the market. It is at this point that we say a technology has reached its plateau of productivity, and the end of the hype cycle. This is the exact trend we are currently experiencing with Email encryption.

Email encryption started as an imposed technology, mandated by government requirements and IT security, to protect the sensitive communication of a small, niche community. It ensured that documents and data were unreadable to anyone aside from the intended recipients. Complex security methods meant that data could only be unlocked by those possessing the correct key. Businesses invested significant resources into a dictated technology, with absolutely no concern for user experience.

As is often the way with technology that is forced upon us, if the technology is complicated to use, people are most likely to find a less secure workaround. They’re not purposefully placing their employers and customers at risk, but if security protocols get in the way of their day-to-day hob, they’re likely to look for an alternative.

Nowadays, email is what keeps most businesses functioning. As a result of this, businesses have realised that the majority of their most valuable data is stored within the inboxes of their employees. So, today email encryption is regarded as a best practice. Businesses, well beyond regulated verticals, use it to enhance their internal processes and deem it a service to enhance key relationships. There are three major reasons why companies use email encryption today:

  1. To protect sensitive, confidential, proprietary information
  2. To reduce the risk of a data breach
  3. To comply with regulatory requirements including healthcare, finance, legal, and retail

So how close are we to the consumerisation of email encryption? Very near I think. It has already reached a stage that consumers are dictating choice of email delivery, from any device on any platform. These same consumers will choose to authenticate using widely recognised credentials they already own and have setup including Facebook, LinkedIn, Google, and Microsoft.

Overall, user experience will reign, over any other email encryption consumerisation driver. This is for both employees and customers. A delay in opening a critical business email due to outdated security policies is simply no longer acceptable in today’s fast moving business world. Forward thinking businesses will move from periodic encryption use to on demand, sending secure messages to their customers on the fly, without fear of non-retrieval.

User experience is driving encryption beyond the plateau

Many approaches to email encryption have been around for quite some time, yet mass market acceptance has generally been lacking. More recently, Office 365 has implemented basic levels of encryption to its platform, but its more of an afterthought than truly embedded into the platform. Encryption methods such as PGP, TLS, S/MIME, Encrypted PDF/ZIP, and PKI are all valuable, however, individually none can respond to the demands of consumerisation.

For email encryption to go beyond a best practice, you need to understand that encryption is more than a check box for compliance or simply a defensive communication strategy. You need to deploy smart encryption solutions; communicate securely with all, regardless of which platform or device is on the receiving end.

By offering users choices, not limitations, you dramatically improve experience, productivity, and operational efficiency.

Kai Cheung, VP of Architecture, Echoworx