Sending passwords for the exchange of encrypted data
When exchanging data via e-mail, it is important to use strong encryption for security. In the most common approach the recipient requires a password so as to decrypt the messages that were sent. However, the sender needs to find a way to share this password with the intended recipient(s). Two main channels are used to do this: either the recipient is told the password over the phone, or the sender provides it via e-mail – all too often they do this in the very same e-mail that contains the encrypted data. The latter is potentially problematic for security, since the e-mail containing the password is sent via the same channel as the message with the encrypted data. If this channel is not secure, third parties can easily decrypt the message they merely need to be able to read the e-mail.
Is there a better way to exchange passwords? A way that is easy and convenient for users?
Sending passwords with Cryptshare
With Cryptshare, passwords for messages and files are always sent separately from the original e-mail. In earlier Cryptshare versions, passwords were sent outside the system. Cryptshare customers implemented their own guidelines for the exchange of passwords and adapted them to the company’s desired level of security both in method and strength requirements.
The regular feedback we received from Cryptshare users often included the question if there was a way to send passwords via SMS, since it is another universal and standard technology for communication that is used worldwide.
With the new SMS gateway feature, we have in fact added an alternative way to exchange passwords – and made our customers’ wishes come true.
Sending passwords via SMS with the Cryptshare SMS gateway feature
To send a password via an SMS message, Cryptshare users need take only a few easy steps.
Simply select the option “Send password via SMS” in the transfer dialogue. All available phone numbers for a given recipient are provided. The sender chooses one of these or can enter another number manually. Additionally, a phone number previously copied to the clipboard can be pasted or the Outlook address book can be selected. If there are multiple recipients these numbers can also be added. Confirm and it is done.
Optionally by using the checkbox shown in the transfer dialogue, the sender can exclude selected recipients from receiving an SMS message. After clicking the “Confirm” button, the e-mail with encrypted data and the SMS message will be sent simultaneously.
With the new SMS gateway feature, we have added another significant increase in usability. Additionally, this easy way of transferring passwords via SMS message within the Office 365 environment considerably reduces the temptation of users to simply send passwords via regular e-mail. Hence the risk of human error is minimised – a real and valuable improvement in security.
You can find a detailed step-by-step guide on how to use our new SMS gateway feature in our WIKI.