Two Potential Security Vulnerabilities in Your Business Fax Process
With the private records of 22 million government employees hacked by a hostile government, and more than 100 million patient health records stolen from some of the leading healthcare providers, 2015 might go into the record books as the year of the data breach.
Which makes early 2016 a great time to re-examine the security and compliance levels of your… business faxes. (Didn’t see that coming, did you?)
Can you hack a fax? Good question – Let’s explore:
But assuming your staff receives and sends sensitive or confidential data by fax, you can’t afford to transmit and store your company’s faxed documents without proper security any more than you can afford a security vulnerability in your corporate email or network.
2 Reasons Your Fax Process Might Not Be Secure
1. Your organization uses paper-based faxes without proper security protocols.
Whatever industry you’re in, chances are your business uses traditional desktop fax machines on at least a semi-regular basis for faxing with vendors, customers and business partners. Researchers at Opinion Matters found 72% of US-based companies still fax by paper in their normal course of business.
So, what’s the risk? Here’s another statistic from the Opinion Matters survey: Almost 50% of office workers say they’ve read a fax document that wasn’t intended for them. Because anyone in the office can read a fax left on the machine, transmitting sensitive material this way can violate the major data privacy regulations such as HIPAA, GLBA and SOX.
Additionally, in its 2014 Insider Threat Survey, security firm Spectorsoft found that 35% of businesses have suffered an “inside job” data breach — from employees, contractors or others who had legitimate access to the company’s network.
But the vulnerability can be even worse than this. Let’s return to the point we made at the beginning. Digital hackers are becoming increasingly sophisticated, brazen and ambitious in their hacks — stealing digital data from major US corporations and even the federal government. How does this affect faxing? As PCWorld points out, standard fax machines and desktop printers store electronic copies of the files they process. That means if thieves can steal the hardware, they can access the sensitive files you’ve used it to transmit.
The answer? Deploy a hosted, cloud fax solution. If you choose the right provider, such a service will be both secure and compliant — not to mention far more convenient and cost-effective than your legacy fax environment. A cloud fax service can let your staff send and receive faxes securely by email or through a PIN-protected web interface.
2. You are storing and archiving your business faxes without proper security.
We’ve been discussing faxes in transit — a vital few moments where, without proper security in place, they could be vulnerable to theft by cyber criminals. But remember, in the major data breaches — such as the 100 million patient records stolen in 2015 — the data is taken not while it’s on the move, but while it’s in storage.
Few businesses think of it in these terms, but your company’s fax documents live well beyond those few exciting moments where they traverse the telephone network (or the Internet). They can live on forever at rest, in either digital or hard copy format (or both), in storage.
So, if you transmit paper faxes, or scan the documents and then transmit the copies by email, what’s your process for storing those faxes for long-term record-keeping and auditing purposes? Do you have procedures and policies in place to secure them 24/7/365?
Here, again, the solution is to deploy a cloud fax service with a trusted, proven provider — like eFax Corporate. We offer highly secure fax solutions that enable storage of all of your organization’s inbound fax documents on the cloud. With eFax Secure™, an add-on to our online fax service, your inbound fax documents will be protected at rest with the most advanced encryption standards available, AES 256-bit encryption.