How is Voltage secure HIPPA mail secure?
Aetna "encrypts" email so it is HIPPA compliant (using https://www.voltage.com/)
Basically: they send you an email with an encrypted .HTML attachment.
You double-click the attachment and view the message as webmail on the aetna.com site.
I forwarded such a message to my hotmail account and could just double-click the attachment and view it fine.
I then forwarded it to my gmail account, and opened the message on my laptop (wifi network), and likewise can just click the attachment to open the message.
So, how is this secure?
It never asks for a password and seemingly doesn't use certificates (I'm in IT and not the destination HR user)
Any ideas?
Why couldn't they have just sent a link to the particular message on aetna.com? Why all this hocus pocus encryption stuff to not even bother asking for a login userid/password?
Seems crazy!
Basically: they send you an email with an encrypted .HTML attachment.
You double-click the attachment and view the message as webmail on the aetna.com site.
I forwarded such a message to my hotmail account and could just double-click the attachment and view it fine.
I then forwarded it to my gmail account, and opened the message on my laptop (wifi network), and likewise can just click the attachment to open the message.
So, how is this secure?
It never asks for a password and seemingly doesn't use certificates (I'm in IT and not the destination HR user)
Any ideas?
Why couldn't they have just sent a link to the particular message on aetna.com? Why all this hocus pocus encryption stuff to not even bother asking for a login userid/password?
Seems crazy!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm going to quick close the call so you get all 500 points, even though I might have a follow-up question after I do the experiment.
Mike
Mike
ASKER
Amazing answer!
ASKER
If the cookie/certif is on the client pc, and I'm opening the message on an entirely different pc, I'm still not understanding how it would just open.
BTW, I have seen health portal type emails exactly as you described where the first time the user PICKS a password. This always struck me as crazy as it doesn't seem like a good way to authenticate the FIRST message is being opened by the proper person.
BTW, I have seen health portal type emails exactly as you described where the first time the user PICKS a password. This always struck me as crazy as it doesn't seem like a good way to authenticate the FIRST message is being opened by the proper person.
Yeah. I've never really liked those methods for handling email "encryption" because they have huge weaknesses and they violate the normal recommendations that users never open attachments or follow links in Emails. But they do technically resolve the compliance requirements for encryption in transit, and they are way easier for the end users to use than S/MIME. Another solution is to require TLS encryption in outgoing emails, but every time I try to enable that option on an email server I invariably get mountains of bitching users getting NDRs because they sent a message to someone whose mail server doesn't support Opportunistic TLS (freaking idiot Linux mail server admins, for the most part).
I haven't really worked with Voltage myself, so I can't say exactly how it functions, and their documentation is really bad (surprising, I know). But when the only requirement is that the message be encrypted in transit, it does meet that requirement no matter what. You would have to have a full man-in-the-middle setup going to be able to read the message, and that's usually quite difficult to accomplish without having enough access to read everything in the mailbox anyway.
I haven't really worked with Voltage myself, so I can't say exactly how it functions, and their documentation is really bad (surprising, I know). But when the only requirement is that the message be encrypted in transit, it does meet that requirement no matter what. You would have to have a full man-in-the-middle setup going to be able to read the message, and that's usually quite difficult to accomplish without having enough access to read everything in the mailbox anyway.
ASKER
I'm reading the link now!
Mike