A security measure’s of little value if it’s not used. And for Wells Fargo, sending and receiving inadequately secured emails to business partners was becoming a potential security risk. So the bank deployed new email security that’s designed to be almost invisible to internal users and very low touch for external recipients, particularly parties that are exchanging sensitive business information, such as wholesale banking or treasury management clients.
“Our [employees], customers, and business partners can interact online in secure, simple manner,” said Steve Ellis, evp of the bank’s wholesale services group in a prepared statement on the new security rollout.
Called SecureMail, the Voltage product utilizes identity-based encryption, a single click option that allows messages to be read at any location through a browser-based interface. The new system is being positioned as an ease-of-use upgrade replacing former security measures that were dangerously underutilized.
“When you interacted with people outside the bank under the old system, you needed certificates and security credentials,” says Wasim Ahman, a vp for Voltage in Palo Alto, Ca, adding the complexity of the legacy email security system was what caused adoption to lag.
Ahman says the identity-based encryption being deployed by Wells uses mathematical calculations to create keys, allowing email addresses to serve as encryption. “If I have your email address, I can send you an encrypted email that goes through just like a regular email,” he says. Additionally, authentication requirements are minimal for users, requiring little more than basic ID credentials to access the bank’s email system.