Piracy gets a lot of attention in the entertainment industry — surveillance, not so much. That needs to change. Your organization could be subject to email spying and other surveillance — and not just from government organizations. A number of third party service providers including Cloud services providers, ISPs, the companies running the apps your team uses, online advertisers, and other organizations all gather massive amounts of information on your employees and your company, including the emails they send, the sites they visit, their passwords, online habits, and of course your intellectual property (IP).
Unsecured connections like public Wi-Fi are particularly susceptible to email spying and electronic surveillance. Hackers often stake out these connections, stealing passwords, compromising accounts, and fishing for financial data they can exploit. Not only can this compromise your IP — it can also lead to the release of embarrassing information on your organization, your talent, and your products.
Email Spying Faces Few Regulatory and Technical Controls
The severe consequences hacking can have on the entertainment industry was illustrated in the Sony email hack, but legal information gathering may be an even bigger threat. There has never been adequate regulatory protection for data collected by service providers, and enforcement has recently been weakened. Congress recently rescinded FCC rules that prohibit your ISP from sharing information it collects on your online activities. Under the rule change, it appears that ISPs will be able to sell information they collect about your online activity, such as the sites your users connect to, and unencrypted information they share.
Technical controls are also insufficient. Wide adoption of TLS provides basic encryption to protect against email spying, but TLS has many points of failure. Even if your email provider uses it, an issue with your recipient’s server or any other server it passes through can weaken or break TLS, allowing a hacker to steal files or emails. Email spying could then expose hacked photos, private or confidential business messages, or other embarrassing photos to reporters, alienating your talent and harming your company. Cloud apps protected by TLS are also vulnerable.
It’s Up to You to Protect Yourself From Email Surveillance
The good news is that you can greatly reduce the amount of information you expose — and the chance of it being exposed — with a few basic tools. A Virtual Private Network (VPN) is a worthwhile investment. It creates a private network that encrypts and obscures your employees’ traffic, limiting the information ISPs can gather, while providing protection from hackers.
However, you should also employ email encryption. Using a client-side email encryption provider, like Virtru, prevents email spying by protecting the emails themselves. Messages and attachments are encrypted before they even leave your device and stay encrypted across their whole journey, preventing third-parties (including Virtru) from deciphering the data. Virtru also allows your recipients to encrypt a reply — even without installing Virtru. That means you can share drafts, recordings, contracts and other sensitive information without having to fear for your security.
Interested in seeing how Virtru can work with your organization? Let’s chat. Or check out these resources to learn more about how to keep your organization safe from surveillance: