Solved

How is Voltage secure HIPPA mail secure?

Posted on 2016-09-07
6
44 Views
Last Modified: 2016-09-08
Aetna "encrypts" email so it is HIPPA compliant (using https://www.voltage.com/)

Basically: they send you an email with an encrypted .HTML attachment.  

You double-click the attachment and view the message as webmail on the aetna.com site.

I forwarded such a message to my hotmail account and could just double-click the attachment and view it fine.

I then forwarded it to my gmail account, and opened the message on my laptop (wifi network), and likewise can just click the attachment to open the message.

So, how is this secure?

It never asks for a password and seemingly doesn't use certificates (I'm in IT and not the destination HR user)

Any ideas?

Why couldn't they have just sent a link to the particular message on aetna.com?  Why all this hocus pocus encryption stuff to not even bother asking for a login userid/password?

Seems crazy!
0
Comment
Question by:mike2401
  • 4
  • 2
6 Comments
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
Comment Utility
Read this for some entry level background on email encryption: http://wp.me/pUCB5-8q
You may not need to know all that, but I'm providing it as a way to get on the same page with you.

Voltage utilizes a fairly simple key exchange method for allowing access to the emails you send. The message is sent as a secure attachment that, when opened, checks your web browser for the correct key that is stored in a cookie, add-in, or some other client-side method. If the key for the message is found, it is seamlessly opened without prompting for credentials. If not, a login prompt is presented. If the recipient has never attempted to open a secured message before, they are prompted to register their email and a password to receive the proper key.

What I suspect is happening here is this; You are opening the message attachment on the same system you used to send the message. If you sent the message using the Outlook add-in for Voltage or the website set up to send messages directly using voltage, the key to unlock the message is already on your system and it doesn't matter which email address you open it with, the correct key will always be found and the message will open properly.

To test this theory, send another secure message to an email address you haven't tested yet, but open it on a completely different computer that you know you haven't used to open or create a secure email with. If it them prompts you to enter a username and password or register with the voltage service, then you'll know that the above theory is correct and the certificate you need was already on your computer, found, and used to open the HTML file. If it doesn't prompt you when you do this, I would communicate the issue with Voltage support.

As to why all this has to happen, it comes down to the fact that we can't guarantee that all receiving parties have enabled Opportunistic TLS on their mail servers. Even in the case that the message doesn't require a username and password on the new computer, the message is still being encrypted *in transit* in a way that prevents casual packet sniffing from examining the message data. This is, in effect, all that HIPAA requires from an email encryption standpoint.
0
 

Author Comment

by:mike2401
Comment Utility
Wow Adam, that's an amazing answer, thank you!

I'm reading the link now!

Mike
0
 

Author Comment

by:mike2401
Comment Utility
I'm going to quick close the call so you get all 500 points, even though I might have a follow-up question after I do the experiment.

Mike
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 

Author Closing Comment

by:mike2401
Comment Utility
Amazing answer!
0
 

Author Comment

by:mike2401
Comment Utility
If the cookie/certif is on the client pc, and I'm opening the message on an entirely different pc, I'm still not understanding how it would just open.

BTW, I have seen health portal type emails exactly as you described where the first time the user PICKS a password.  This always struck me as crazy as it doesn't seem like a good way to authenticate the FIRST message is being opened by the proper person.
0
 
LVL 38

Expert Comment

by:Adam Brown
Comment Utility
Yeah. I've never really liked those methods for handling email "encryption" because they have huge weaknesses and they violate the normal recommendations that users never open attachments or follow links in Emails. But they do technically resolve the compliance requirements for encryption in transit, and they are way easier for the end users to use than S/MIME. Another solution is to require TLS encryption in outgoing emails, but every time I try to enable that option on an email server I invariably get mountains of bitching users getting NDRs because they sent a message to someone whose mail server doesn't support Opportunistic TLS (freaking idiot Linux mail server admins, for the most part).

I haven't really worked with Voltage myself, so I can't say exactly how it functions, and their documentation is really bad (surprising, I know). But when the only requirement is that the message be encrypted in transit, it does meet that requirement no matter what. You would have to have a full man-in-the-middle setup going to be able to read the message, and that's usually quite difficult to accomplish without having enough access to read everything in the mailbox anyway.
0

Featured Post

Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Join & Write a Comment

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now