Last Updated on August 24, 2023
Barely a day passes without news of an email leak (remember former U.S. Secretary of State Hillary Clinton’s email issues? Of course you do.), security breach or denial of service attack. Human resources plays a vital role in ensuring company and employee information isn’t vulnerable to attacks. However, when dealing with keeping immigration data secure – and that includes company financial performance, passport and social security numbers, addresses, compensation and work status data – information is passed between you, your company, employees, attorneys and government agencies. So, it begs the question, is your immigration data secure for your company and employees if your primary communication channel with your immigration services provider is email?
Is your immigration data secure if your primary communication channel is email?
Email can’t keep immigration data secure
Email, as we have seen, is not the most secure method for immigration data communications. Why is email so dangerous? Using Clinton’s leaked emails as a case study, here are five reasons:
- Lack of Encryption: For months, inbound and outbound emails from Clinton’s email server were not encrypted, due to poor administration from IT staff
- Lack of Control: Ever have one of your emails forwarded without your knowledge or consent? We lose all control over what happens to an email message after we send it
- Replication: When you use an offline email client such as Microsoft Outlook, local copies of emails can be saved. Using certain tools, email messages can be retrieved from local cache files, even if access to the account is revoked
- Email Server Management Issues: Anyone with full administrator access on an email system can view any email and attachment
- Phishing Scams: The Democratic National Convention and Clinton campaign email leaks of 2016 were the result of multiple security breaches. It was believed that there were attempts to phish John Podesta, in particular, for account access, but it’s not entirely known if that was how his account was illegally accessed
At Envoy, we take security and data compliance very seriously. Communication, document sharing and sensitive company and employee information are housed in our secure, cloud-based platform with multi-factor authentication. Here are other ways Envoy keeps immigration data secure:
Secure Access
Here are some of the key configurations of the system:
- Login protection with SSL authentication: All login information is protected through a secure connection, encrypted with a 256-bit SSL certificate
- Multi-factor authentication protects your account from unauthorized access
- Sophisticated firewall safeguards company’s data and the site’s availability
Controlled Visibility
We ensure that your employees see only their own data. You control their access to company data or any other sensitive information.
Encrypted Storage
All customer data is encrypted to prevent unauthorized access. Envoy employees do not have access to data. All customer data is restricted to only those who need access to it, through the principle of least privilege.
A Premier Data Center
We partnered with Microsoft and leverage their Azure cloud data infrastructure. Azure has over 25 certifications and is the gold standard of data center management and security.
Real-Time Monitoring
Real-time data monitoring is imperative for proactive protection of our database.
- We lock down accounts after four missed password attempts and notify users of password changes
- We also monitor our system of large data downloads or transfers and notify individuals to ascertain the situation