Is There a Safe Way to Transmit HR Documents Online?

HR documents are a treasure trove of personal information. As of July 2019, over 4 billion sensitive pieces of data have been breached. That being said, is there ever a safe way to transmit HR documents online? We think so, and we’ll tell you why.

The Problem

The methods we use to transfer secure documents are just not robust enough to weather sophisticated security breaches. We’ve blogged a lot about how email is an extremely vulnerable method of file transfer and storage. So, that’s no way to transmit an HR document.

Similarly, encrypted email falls short a lot of the time as well. While your end may encrypt the email before it’s sent and transmit it encrypted, your recipient may not have the same concerns. Thus, your transmission is potentially open to being compromised.

Is It Safe to Fax to Transmit HR Documents Online?

Well, in a couple of words, probably not. Fax machines are susceptible to human error—dialing the wrong number, it’s an image document, and it may be viewable at the receiving site by anyone. Online Fax or Cloud-Based Fax is generally considered much more secure than traditional faxing.

In-Person Delivery

When it comes to secure file transfer, it’s really difficult to find a method more secure than this one. However, for obvious reasons, this isn’t always possible. When you don’t work on-location, it’s essential to send HR documents online.

Trustwire: A Secure Online Solution

If you need to transmit HR documents online in a safe way, consider Trustwire. New employees can easily create an account to send documents to HR departments. All documents are end-to-end encrypted.

Furthermore, Trustwire’s ease of use is unparalleled. This means that what it costs to keep your employees up to speed on how to use the platform is virtually free and intuitive.

Is There a Safe Way to Transmit Documents Online?

Yes. Put your confidence in a service that is committed to maintaining its clients’ privacy above all else. Learn more by visiting our website.

Government Contract and Cyber Security Requirements

All government contracting companies must meet certain Department of Defense (DoD) standards in order to maintain their contracts, especially with regard to cyber security requirements. In this post, we look at how your business is required to comply.

What is DFARS?

DFARS is the Defense Federal Acquisition Regulation Supplement, which sets forth the requirements for protecting both the government’s and the contractor’s sensitive information. Basically, any contractor that maintains Controlled Unclassified Information (CUI) has an obligation to secure this information.

This information may be particularly valuable to small manufacturers who seek DoD contracts. The guidelines pertain to both contractors and subcontractors.

Cyber security Requirements

According to the parameters set forth by DFARS, contractors must provide “adequate security” of all CUI. Furthermore, any cyber incidents that occur must be reported quickly, generally within 72 hours.  The DFARS makes clear that a cyber incident doesn’t necessarily mean that the contractor did not provide adequate security, but that the security measures will be assessed. More information can be found here.

The NIST MEP Cybersecurity Self-Assessment Handbook details the ways in which contractors, subcontractors, and supply chains can determine how well they are meeting the needs of DoD contracts’ cyber security requirements for government contracting.

Cyber security Requirements and Government Contracting

Naturally, with the requirements laid out by the DFARS, it makes sense to use the strongest encryption technology available in order to secure information. Trustwire’s encryption is open-sourced, with not deliberate back doors. Furthermore, Trustwire itself does not have access to any of its clients messages, data, or documents, which perfectly aligns with guidelines for handling DoD information.

Implementing Trustwire is simple due to its incredible ease-of-use. This mean less training employees and more getting work done. To learn more about how Trustwire can help your business meet DFARS standards, click here.

Transmission of Security Clearance Documents

In the Greater Capital Region, having a security clearance is a common requirement for employment. Even more, having a security clearance can set an applicant apart from others in the job selection process. Knowing what type of information is requested on a security clearance is important. Similarly, protecting the transmission of this sensitive information is vital. Let’s take a look at what’s involved.

What Type of Information is Requested on a Security Clearance?

National Security positions generally look a few key areas of an applicant’s life. The first is identity and citizenship. You will need to provide your name and any other names you’ve had. You will need to provide information about your citizenship.

While this is pretty straightforward for many applicants, those who are naturalized citizens, hold dual citizenship, or those who are not U.S. citizens will be required to give more information. You will want to share this information securely.

Residence, Employment, and Education

Following your citizenship and identifying information, you will need to provide your residences for the last ten years. Then, you will be required to list your education history. The scope of your education will involve all of the education you have had after your 18^th birthday, unless you need more to provide at least two years of educational history.

Then, you will be required to list your employment history for ten years. You will need to provide the name and contact information for your supervisor at each of the positions you have held. There are options for unemployment, self-employment, and “other” if necessary.

Naturally, you will be required to list any and all involvement you have had with the military, including foreign military service.

The type of information requested on a security clearance involves listing whether or not you were reprimanded, fired, or for what reason you resigned from any of these positions.

Personal, Financial, and Legal History

The next section of your application will involve listing references for people who know you well. You’ll be required to detail your marital history. If you currently reside with a significant other, you will be required to list his or her information.

The form requires that you list family members, foreign contacts, activities, and travel. You will be asked to describe any mental health services you’ve received. Obviously, your criminal record, if any, will need to be disclosed in full detail.

In addition to your legal record, you will be asked to provide information concerning drug and alcohol use. Your financial information, including any bankruptcies or significant debts will need to be listed.

Transmission of Security Clearance Documents

As you can see the type of information requested for a security clearance is extensive. As this is a matter of national security, that makes sense. However, a significant amount of personal information resides on this 100+ page form. If you fill out the file on your own and send it in, you will need a secure means of transfer to protect your sensitive information. You really should not rely on email. 

Trustwire’s secure, end-to-end encryption technology ensures that your document is stored and transmitted safely. Sending such a comprehensive document should be done with the utmost care. Be confident when you click send. Learn more at Trustwire.com. 

Public WiFi and Email Security | Is It Ever Safe?

Back in the days of AOL-dominated email, security wasn’t a huge issue. People used their email at home to communicate with friends and family. Wifi wasn’t a thing, so email security wasn’t a pressing concern. That’s no longer the case.

We use our email for work, shopping, sending confidential documents to lawyers, doctors, and other professionals. Our credit card information and other financial information lives in our email accounts. 

So how secure public wifi for our vital email security?

The Stakes of Email Security

Basically, if a hacker gets into your email, he has found a gold mine. When you connect to a WiFi network, your data is stored on the router for that network.

Using public wifi increases your susceptibility to this type of cybercrime because a hacker can set up a network in a public location, thereby gaining access to your data. This includes your email username and password.

How Can You Protect Yourself?

It’s an almost impossible job to refuse to ever link up to a public WiFi network. We take our jobs with us everywhere. We store important documents in our email that we need to reference when we are on the go. So, how do we protect our email?

Two-Factor Authentication

If your email allows you to require two-factor authentication, use that. This requires a notification to be sent another one of your devices, such as a cell phone, before a new sign-in attempt is allowed. Chances are the hacker won’t have access to both devices.

The Official Network

You can ask the establishment for the name of their network to help authenticate which network you are actually using. This isn’t a sure-fire way to protect yourself, but it’s one step in the right direction.

Trustwire: Always Safe

If you find yourself away from your secure home network, and you need to send or access files, look to Trustwire as a way to do this without compromising your email security. Trustwire functions kind of like email, in that you can access it from anywhere. What’s more, it’s easy to use.

Trustwire is different from email in that it uses the strongest form of encryption to protect your data, no matter where you access our web-based portal. Send your documents from the local coffee shop using Trustwire and be assured that even the most savvy hackers cannot access it. Problem solved. Click here to learn more.

Intellectual Property Theft | Is the Cloud Vulnerable?

Being relevant and competitive in a global economy requires innovation. Successful businesses realize that innovation requires collaboration. To that end, cloud-based solutions allow for collaboration on projects despite differences in geographical location. But does using the cloud place your organization at risk for intellectual property theft? Let’s take a look.

What’s at Stake?

Trade secrets, patents, product designs, and ideas in development. Making all of these available across the devices and locations of various employees creates a potentially risky situation. Litigation over patent disputes, for example, can be astronomical.

Cybercrime experts suggest that more than a quarter of hackers seek IP rather than consumer identity or financial information. This means that your organization’s IP is vulnerable.

Intellectual Property Theft and the Cloud

Unfortunately, protecting IP is a bit tricker than preventing typical data breaches. Why? Most typical data breaches come from external sources—hackers seeking your clients’ information, for example. 

However, when the target is IP, according to a study conducted by Verizon, 49% of IP theft was due to either employee misuse or employee (current or former) malicious actors.

Tips to Protect Your Organization

• Remove access to the cloud from former employees.
• Restrict access to information stored in the cloud to each employees specific needs only. Make sure that you can use tiers, and enforce access levels.
• Train your employees to use the cloud responsibly—especially with regard to protecting security.
• Furthermore, encrypt all files. This prevents transmission of sensitive files if devices are lost or stolen.
• Maintain an audit trail within your cloud to monitor patterns of access and to alert security professionals to unauthorized access.
• Use Trustwire.

How Trustwire Protects Your Organization from Intellectual Property Theft

Trustwire uses the strongest open-sourced encryption to secure your files and messages. Furthermore, unlike other cloud-based solutions like Dropbox, Trustwire does not have access to your organization’s messages, files, or data. This further secures your IP.

Trustwire has unparalleled ease of use, meaning that your employees can quickly adjust to working with it. Furthermore, Trustwire is available on any device, anywhere in the world. Click here to earn more about how your business can begin protecting its valuable intellectual property with Trustwire.

Avoiding Cyber-Espionage in China and Hong Kong for Business Travelers

As China is the US’s second largest partner in trade, business travel to China and Hong Kong is essential. But should you be packing your laptop and smart devices? We’ll show you why avoiding cyber-espionage is essential for the business traveler.

Business Travel

Partnerships with Chinese companies remain lucrative and fruitful. Yet, many fear that traveling on business can leave their data subject to surveillance by the Chinese government. There is some evidence that Chinese custom officials were installing spyware on devices.

[Related: Stick to These Best Practices for Client Security]

China: A Surveillance State

For years, the Chinese government has been tracking its citizens: their travels, their credit, and their activity. This is daily life for Chinese citizens; however, this type of surveillance is highly suspect to Americans.

Unfortunately, many nations choose to spy on citizens of other nations as they travel. Much of the time this is for national security purposes. Yet, visitors tracked in China tend to be those who have important corporate ties—pointing to an economic incentive at hand.

[Related: WhatsApp Spyware and The Importance of Encryption for Human Rights Activists and Lawyers]

Corporate Espionage: Part of the Game?

While Chinese officials insist that corporate espionage takes place in many countries, yet the US government has publicized many recent cases of corporate espionage.

Avoiding Cyber-Espionage in China and Hong Kong

Here are some tips to take to avoid being subject to cyber-espionage while traveling on business to China or Hong Kong:

• Do not take un-needed electronics with sensitive data
• Consider using temporary laptops that have been cleared of sensitive data; ditto for cell phones
• Use thumb-drives for sensitive data, and open files on offline computers only
• In order to access files online, use a service like Trustwire, which is end-to-end encrypted and can be used on any computer.
• Keep in mind that all networks are owned and monitored by the Chinese government.
• Change passwords often.
• Back up your information.
• Do not accept thumb drives or other electronic devices as gifts.
• Remove cell phone batteries to limit tracking.

Depending on how sensitive your data can be, all these tips may not be necessary. Storing and transferring files on Trustwire is an easy and portable way to ensure the security of your business documents. Click here to find out more.

Business Travel Abroad | Protecting Secure Documents

One of the best things about our interconnected world is that we can often work from anywhere. This allows us the freedom to explore while managing to make a living. However, the need to protect secure documents when engaging in business travel abroad is a real need. We’ll outline the practices you should follow.

Business Travel & Cyber Security

The thing is, when you travel abroad for business or leisure, your sensitive data is up for grabs. Whether from foreign governments, corporate entities, or private illegal hackers, your email, documents, and data represent valuable capital for others.

So how is protecting secure documents possible when you have business travel abroad?

[Related: Top 5 Email Security Risks in 2019]

Consider a Password Manager

Companies like LastPass and 1Password allow you to manage your passwords in a way that makes them far less vulnerable to malicious actors. Both of these services are available at a low cost.

Also, when it comes to the security of your personal bank data, it’s worth asking your bank what they offer. Banks often have security measures available that aren’t well known to even their own customers.

Back Up Your Secure Documents

Backing up your secure documents is important so that a stolen device doesn’t mean that you’ve lost things permanently. Store this back up in a separate location that is also secure. Consider a physical drive, as well as an online back up.

[Related: Is Gmail Really Confidential?]

Trustwire offers cloud storage that boasts incredibly strong encryption to keep your documents safe from those with malicious intent. Furthermore, should your laptop go missing abroad, you can access 

Trustwire from any computer without worrying about it being compromised.

Protecting Secure Documents During Business Travel Abroad

Trustwire can be one of the components of cyber security for smart business professionals. Trustwire enables you to securely store and send documents regardless of your location or the device from which you access it. To learn more about our business or personal plans, click here.

Privacy Concerns Online | Is FaceApp Safe?

Recently, pictures of all your friends covered in wrinkles have gone viral. Everyone’s doing it and commenting on how much they look like a grandparent of theirs. Then, the debate over terms of service agreements and the company’s origin and intentions have sparked controversy. Should you have privacy concerns online regarding the FaceApp?  Let’s take a look.

A Bad Idea?

As soon as it seemed like everyone was posting their picture, the “thoughtful” friends appeared in the comments. Didn’t you read the terms of service? Don’t you know this company owns all your photos now? Is the company spying on behalf of Russia?

The Industry Norm?

And of course, there was the in-turn response: Facebook creates just as many privacy concerns online as the FaceApp. No one reads the terms of service agreements. Doesn’t the US government already keep track of our online activity?

[Related: Avoiding Privacy Violations: Why Not Acting Now is Risky Business]

A Mixed Bag

Well, the truth is somewhat murkier than either side would have you believe. FaceApp is probably not going to use your photos to create crazy DeepFake videos. The App’s founder Yaroslav Goncharov insists that no data is sent to Russia. They also claim that your data is not shared or sold to third parties. While all of this is comforting, it does not seem to be entirely true.

Privacy Policy Woes

In its privacy policy, FaceApp does ask users to “grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content.” That’s definitely not something most people would be comfortable with.

Beyond that, the Washington Post found that FaceApp did have third party trackers in its app. Also, its photos are processed in the cloud rather than on your device. While it claims photos are deleted within 48 hours, there’s no real way to verify this.

FaceApp and Privacy Concerns Online

The most alarming aspect of the whole FaceApp debate is not that it is some anomaly in the tech landscape, but that it isn’t. Privacy policies are rarely read, and for good reason. They’re super long, and they’re written by experts who can easily bury their true objective in legalese on behalf of the app. Checking the “agree” box initiates a commonplace scheme: your data is sent to a variety of locations.

[Related: How Trustwire and VPN are Tools in Protecting Human Rights]

The stakes are huge. They’re not just using our data to sell us more stuff. As the Cambridge Analytica and 2016 election taught us, they may be influencing the way in which we elect our government. This is why we feel Trustwire’s mission is so essential.

How Trustwire is Different

In the world of surveillance, where your data becomes the property of other’s agendas, we are committed to protecting your privacy. This is why we encrypt your messages, files, and photos. In fact, no one who works at Trustwire has access to any of your content or pattern of access.

This means that you are in complete and total control of your privacy. We think this should be the industry standard. Learn more about how we can help you protect your privacy online.