Protect your E-Signatures and E-Signed Documents from a Data Breach

2531 0

In celebration of October’s designation as National Cyber Security Awareness Month, we are taking a closer look into the security of electronic signatures.

To understand how connected we all are to our technology, we can simply look at how we spend the first few minutes of the day. A study from IDC Research found that 79 percent of Americans reach for their smartphone within 15 minutes of waking up. From shopping to making home videos to signing business contracts online with E-signatures—it seems you can do it all from a six-inch mobile device.

But all this interconnectivity can leave us vulnerable to cyber attacks.

To curb this vulnerability, there is a global cyber security awareness campaign called STOP. THINK. CONNECT. This initiative provides simple, actionable advice that everyone can use to stay safer and more secure online. Below, we’ve adapted these steps to outline how to keep your digitally signed documents safe:

STOP : Identify the threats to your e-signatures.

When using e-signatures, your digital documents may be transferred or stored in cyberspace. So as a first step, every company that uses e-signatures should assess these three threats :

  1. Weak security

Do you know if your e-signature vendor has taken all necessary security precautions? What do the vendor’s identity authentication measures look like? Are there options for top-tier security while still being convenient for the user? What level of encryption does the company employ when documents are stored in the cloud? If you can’t answer these questions with confidence, your vendor may not provide the security you need.

  1. No alarm system

E-signatures should be built on tamper-evident technology that immediately alerts you to changes in signed documents. Otherwise, hackers could alter documents without sounding an alarm, so to speak, and it could end up costing your company hundreds of thousands of dollars.

  1. Disregard for published standards

If your e-signatures are based on proprietary technology, you may never know for sure how that technology actually works, or if it’s really protecting your signatures and documents. Using e-signature technology that is based on international, published standards, such as those outlined by the International Organization for Standardization (ISO) or the National Institute of Standards and Technology (NIST), provides a set of hard and fast rules for your technology to follow, such as rules for encryption. Find out what published standards your vendor adheres to—and throw up a red flag if they don’t abide by any.

THINK

Audit your e-signature vendor’s technology and compare it against your security needs for the lifetime of your documents

Not all e-signatures provide the same level of protection to mitigate the threats above.

Dependent e-signatures could provide hackers with multiple access points to attack because the legal evidence supporting the validity of the signature is stored on a third-party server. With Independent E-Signatures™, cryptographic evidence is permanently embedded directly into the digital document, eliminating the need for an outside server and reducing the number of entry points.

Independent E-Signatures™ also offer a range of security measures – including various authentication options, a complete audit trail, tamper-proof and/or tamper-evident technology – to ensure your digital documents, sensitive information and e-signatures stay safe.  Moreover, they’re based on standards that provide confidence in the long term.

Where do your e-signatures fall in this spectrum? Will they meet your company’s needs for digital security?

CONNECT :

E-sign with confidence.

Although the use of e-signatures can’t prevent data breaches or cyber attacks outright, the right e-signature technology –one that is independent of the vendor and uses the highest levels of encryption, identity authentication, tamper-evidence and audit trails – will assure your digital transactions exist behind strong fortifications.

With this weight lifted off your shoulders, you’re free to streamline and automate your company’s workflows – and to save substantial costs – without constant fear of threat.

John Harris Senior Vice president of Product Management at SIGNiX
John HarrisJohn Harris is the senior vice president of product management at SIGNiX, an electronic signature solutions provider that makes signing documents online safe, secure and legal for any business. SIGNiX offers an independently verifiable cloud-based digital signature solution, which combines workflow convenience with superior security.

In this article