Solved

How is Voltage secure HIPPA mail secure?

Posted on 2016-09-07
6
53 Views
Last Modified: 2016-09-08
Aetna "encrypts" email so it is HIPPA compliant (using https://www.voltage.com/)

Basically: they send you an email with an encrypted .HTML attachment.  

You double-click the attachment and view the message as webmail on the aetna.com site.

I forwarded such a message to my hotmail account and could just double-click the attachment and view it fine.

I then forwarded it to my gmail account, and opened the message on my laptop (wifi network), and likewise can just click the attachment to open the message.

So, how is this secure?

It never asks for a password and seemingly doesn't use certificates (I'm in IT and not the destination HR user)

Any ideas?

Why couldn't they have just sent a link to the particular message on aetna.com?  Why all this hocus pocus encryption stuff to not even bother asking for a login userid/password?

Seems crazy!
0
Comment
Question by:mike2401
  • 4
  • 2
6 Comments
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41788757
Read this for some entry level background on email encryption: http://wp.me/pUCB5-8q
You may not need to know all that, but I'm providing it as a way to get on the same page with you.

Voltage utilizes a fairly simple key exchange method for allowing access to the emails you send. The message is sent as a secure attachment that, when opened, checks your web browser for the correct key that is stored in a cookie, add-in, or some other client-side method. If the key for the message is found, it is seamlessly opened without prompting for credentials. If not, a login prompt is presented. If the recipient has never attempted to open a secured message before, they are prompted to register their email and a password to receive the proper key.

What I suspect is happening here is this; You are opening the message attachment on the same system you used to send the message. If you sent the message using the Outlook add-in for Voltage or the website set up to send messages directly using voltage, the key to unlock the message is already on your system and it doesn't matter which email address you open it with, the correct key will always be found and the message will open properly.

To test this theory, send another secure message to an email address you haven't tested yet, but open it on a completely different computer that you know you haven't used to open or create a secure email with. If it them prompts you to enter a username and password or register with the voltage service, then you'll know that the above theory is correct and the certificate you need was already on your computer, found, and used to open the HTML file. If it doesn't prompt you when you do this, I would communicate the issue with Voltage support.

As to why all this has to happen, it comes down to the fact that we can't guarantee that all receiving parties have enabled Opportunistic TLS on their mail servers. Even in the case that the message doesn't require a username and password on the new computer, the message is still being encrypted *in transit* in a way that prevents casual packet sniffing from examining the message data. This is, in effect, all that HIPAA requires from an email encryption standpoint.
0
 

Author Comment

by:mike2401
ID: 41789815
Wow Adam, that's an amazing answer, thank you!

I'm reading the link now!

Mike
0
 

Author Comment

by:mike2401
ID: 41789816
I'm going to quick close the call so you get all 500 points, even though I might have a follow-up question after I do the experiment.

Mike
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Closing Comment

by:mike2401
ID: 41789818
Amazing answer!
0
 

Author Comment

by:mike2401
ID: 41789880
If the cookie/certif is on the client pc, and I'm opening the message on an entirely different pc, I'm still not understanding how it would just open.

BTW, I have seen health portal type emails exactly as you described where the first time the user PICKS a password.  This always struck me as crazy as it doesn't seem like a good way to authenticate the FIRST message is being opened by the proper person.
0
 
LVL 39

Expert Comment

by:Adam Brown
ID: 41790250
Yeah. I've never really liked those methods for handling email "encryption" because they have huge weaknesses and they violate the normal recommendations that users never open attachments or follow links in Emails. But they do technically resolve the compliance requirements for encryption in transit, and they are way easier for the end users to use than S/MIME. Another solution is to require TLS encryption in outgoing emails, but every time I try to enable that option on an email server I invariably get mountains of bitching users getting NDRs because they sent a message to someone whose mail server doesn't support Opportunistic TLS (freaking idiot Linux mail server admins, for the most part).

I haven't really worked with Voltage myself, so I can't say exactly how it functions, and their documentation is really bad (surprising, I know). But when the only requirement is that the message be encrypted in transit, it does meet that requirement no matter what. You would have to have a full man-in-the-middle setup going to be able to read the message, and that's usually quite difficult to accomplish without having enough access to read everything in the mailbox anyway.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to specify rdns for multi-homed mail server 5 38
postfix email restriction 1 35
IT Desktop Support 11 65
Import and exporting Oracle Data with encrypted columns 4 27
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question