Rethinking email in a post POPIA world

Email is so widely used that we cannot contemplate the business world without it. But privacy laws bring three key challenges for business and other entities that use email:

  • Email does not support end-to-end encryption unless an encryption service is purchased and deployed. This makes it insecure for the transmission of personal information;
  • An email message is routed along a chain of servers that could include foreign jurisdictions that require prior authorisation when dealing with special personal information; and
  • Personal information cannot be held indefinitely and must be capable of being deleted or de-identified. This is problematic with email especially where the information is stored on both your and the recipient’s email servers.

An answer to this problem is to provide a fully encrypted platform to store all confidential and personal information. The platform could then operate a private / public key system of encryption similar to that which the banks use for their banking apps. Private / public key encryption relies on a mathematical trick that generates two keys from a password that the user sets: a public key that is used to encrypt the information and a private key that is used to decrypt the information. Although the two keys are generated by the same password, you cannot derive the private key if you have access to the public key (unless of course you have thousands of hours of processing time at one of the fastest supercomputers).

Email can still be used to notify users that information is available on the platform for viewing, but none of the confidential or personal information needs to be transmitted in the email. The email contains a link to the platform where access is only possible on entering the user’s password.

For a better user experience, the platform should integrate all of the functionality that you would need to run your enterprise so there is never a need to share confidential or personal information outside of the secure encrypted environment provided by the platform. Full functionality could include:

  • The ability to distribute and read board papers;
  • The ability to access confidential fund documents;
  • The ability to hold multi-way conversations amongst users when dealing with personal information;
  • The ability to set up temporary data rooms for regulatory audits and the like; and
  • The ability to sign documents electronically.

SC Spheres is an affordable platform that offers this functionality and is quick to set up and deploy. We can get you set up with your own fully functional platform for a free month trial and get your confidential and personal information off your email.
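The notify-by-link flow described above can be sketched as follows. This is an added example, not SC Spheres code: the `Platform` class, the `platform.example` host and the sample document are all hypothetical, and encryption of the stored content is left out to keep the focus on what the email does and does not carry.

```python
import hashlib, hmac, secrets
from email.message import EmailMessage

PLATFORM_URL = "https://platform.example/view/"  # assumed placeholder host

class Platform:
    """Hypothetical in-memory stand-in for the platform's document store."""
    def __init__(self):
        self.users = {}  # user address -> (salt, password hash)
        self.docs = {}   # opaque token -> (owner address, content)

    @staticmethod
    def _kdf(password, salt):
        # Slow, salted hash so stored credentials resist offline guessing.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, self._kdf(password, salt))

    def share(self, user, content):
        """Keep content on the platform; the email carries only a link."""
        token = secrets.token_urlsafe(32)  # unguessable, reveals nothing
        self.docs[token] = (user, content)
        msg = EmailMessage()
        msg["To"] = user
        msg["Subject"] = "A new document is available"
        msg.set_content("Sign in to view it: " + PLATFORM_URL + token)
        return token, msg

    def view(self, token, user, password):
        """The link alone is not enough: the owner's password is required."""
        record, creds = self.docs.get(token), self.users.get(user)
        if record is None or creds is None or record[0] != user:
            return None
        salt, stored = creds
        if not hmac.compare_digest(stored, self._kdf(password, salt)):
            return None
        return record[1]

    def delete(self, token):
        """One deletion suffices: no copy ever reached a mail server."""
        self.docs.pop(token, None)

if __name__ == "__main__":
    p = Platform()
    p.register("director@example.org", "correct horse battery")
    # Constructed sample record, not real personal information.
    token, msg = p.share("director@example.org", "ID 8001015009087, J. Doe")
    print(msg.get_content().strip())
    print(p.view(token, "director@example.org", "correct horse battery"))
```

Because the personal information exists only in the platform's store, deleting the record there also makes the emailed link useless, which addresses the retention problem raised in the third bullet at the top of the article.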

