Keeping Customer Data Safe in the Digital World
Security & Legality
Recent data breaches and malware phishing attacks have unfortunately become the "new norm" in today’s digital world. Cybercriminals target Internet users of all stripes to gain access to online accounts associated with an email address, such as online banking. A consumer alert from the IRS reported a 400% increase in online phishing and malware attacks during the 2016 U.S. tax season. Phishing attacks resulting from successful data breaches and stolen data is especially dangerous because it allows attackers to exploit credentials and infiltrate corporate systems to extract sensitive data and intellectual property. No organization wants security scars and no organization is immune to these types of attacks, but there are certain measures you can take to minimize the risk to you and your customers. That’s why it’s important to do extensive due diligence when evaluating any type of cloud solution provider to ensure they have the necessary protocols and product capabilities in place to protect against data breaches and other security threats. Security is understandably a top concern with digital transactions. Read on to understand eSignLive’s approach to keeping your data and your customers’ data safe and secure at all times.
Adhering to Cloud Security StandardsRecent reports of hacks and stolen data clearly demonstrate the need to engage with vendors that have strong security controls and processes in place. Many of the organizations that we speak to want assurance that the e-signature provider they partner with meets the necessary security requirements to keep document-based transactions safe and secure. This requires the right mix of people, processes and technology. Regulated industries and high volume customer-facing transactions are eSignLive’s sweet spots, so we need to go above and beyond commonly used security protocols. Our ultimate goal is to protect your data so that you can remain compliant with standards imposed by your stakeholders. Our e-signature service is hosted on world-class cloud infrastructure services from Amazon, IBM and Microsoft with highly secure data centers and military-grade security of facilities. Moreover, we adhere to the most robust global cloud security standards in the market, such as SOC 2, HIPAA and FedRAMP. Our auditors keep us honest, ensuring that we attest to and implement security best practices – day in and day out – without exception. They can ask us to open up the e-signature kimono, if you will, at any given day or time to demonstrate compliance. This means that we have the necessary tools to detect and respond to threats, should they occur.
Offering Flexible Deployment OptionsBusinesses are making use of applications in the cloud more than ever before, but, trusting documents and data with another company can be nerve-racking. Therefore finding a dependable, security-conscious provider that offers flexibility is critical. Take deployment as an example. eSignLive offers the ability to deploy the solution in a public cloud, private cloud or on-premises behind your company’s firewall. Regardless of how you deploy the e-signature solution, we offer the same product, the same code base and the same user experience – without compromising on security or functionality. And if your IT, business or legal needs change over time, you have the flexibility to easily migrate from one deployment to the other. The ability to make these types of on-the-fly changes helps ensure you can keep business moving and eliminate (or at least minimize) security risks without impacting your employees, partners and customers.
White-labeling: The Best Way to Protect Your BrandRisk aversion in the market has been a strong driver behind the branding customization and white-labeling capabilities in our eSignLive solution. Clearly, when an e-signature vendor’s logo and brand are a prominent part of your e-signing experience, it can create confusion and a disjointed experience. If the e-signature vendor’s system is breached, even though it is completely unrelated to you, it could very well have a spillover effect that impacts your company by association. Email addresses, or even worse, sensitive customer data could be stolen as part of a breach. The advice we give our customers is to fully white-label the e-sign experience – from the web and mobile screens to the email notifications that are sent to signers. This is the #1 thing you can do to protect your brand and make it easier for your customers to detect suspicious emails. Ultimately, this comes down to creating and maintaining trust between you and your customers. The last thing you want is a third-party vendor’s brand as part of the signing experience – causing confusion and potential drop-off. Look for an e-signature provider that enables you to:
- Integrate with your own email servers to allow emails to be sent from your domain (e.g., @yourbank.com) instead of theirs (e.g., sent via [insert vendor name])
- Customize the content and look-and-feel of email notifications
- Customize the colors, logo and the visibility of elements such as headers, navigation bars, footers, etc.
- Customize dialog boxes and error messages