The Sendside platform supports several different ways to send secure messages and documents. By offering unique Send Methods, the sender is able to control the level of security and the corresponding end-user experience, depending on specific requirements. Generally speaking, as additional layers of security are added, additional steps are required by the recipient to access their message and/or documents.

The Sendside plaform supports the following four ways to send messages and/or documents:

    • (Standard) Secure
    • Challenge & Response
    • Delivery by PIN
    • No-login Required

 

Supported Send Methods by Product

Title IO Secure Web Sendside for Outlook SecureSync For GreenFolders SecureSync for Email
Standard Secure X X X X
Challenge & Response X X X X
Message by PIN X
No-Login Required X X X X

 

ALTA Best Practices #3 Guidelines

Secure Delivery

Standard Secure Delivery is supported in all of Sendside’s product offerings including Title IO Secure Web, Sendside for Outlook, SecureSync for GreenFolders and SecureSync for Email. It is the recommended way to send documents that contain Non-public, Private Information (NPI). This method offers a high degree of security, but requires the end-user to register for a free account during their first visit. Once they have registered, a username and password is required to view, reply and/or manage messages and documents.

Challenge & Response

Challenge & Response Delivery offers another secure way to send messages and document to your clients, customers and partners. Although it does not require the recipient to register before being able to view the message and/or attachments, it does require the user to provide a response to a given challenge. Provided that the challenge and response used are known only to the sender and recipient, this method offers a simple and secure way of sending.

In addition to the above, it offers an added benefit when messages and documents have been sent in error to the wrong person. This method would prevent them from being able to view the message, even with the email notification.

Delivery by PIN

Delivery by PIN offers another secure way to send messages and document to your clients, customers and partners. Although it does not require the recipient to register before being able to view the message and/or attachments, it does require the user to provide a PIN before being able to view the message or download attachments. Because PINs can be distributed in a variety of ways, the security of this method various on the method chosen to provide the PIN to the recipient. There are three ways to disseminate the PIN:

    • Email (Not recommended)
    • SMS (Secure, but requires an SMS gateway to be configured)
    • Other (Secure as it’s “out of band.” Telling the recipient via phone, for example, enables true two-factor authentication (something you know and something you have)

 

The login page for Title IO’s Secure Web (simplesmartsecure.com) contains a web form that allows the user to simply provide the PIN and go straight to their message.

 

No-login Required

No-login Required is another popular way to send documents. This method is the most convenient, but offers the least security of all the available delivery methods. Although the message and documents are encrypted all the way from the sender to the recipient, the email notification that alerts the recipient that a new message has been received, is not. Because email is inherently insecure, theoretically, the notification could be intercepted while enroute, giving access to the message and document without the need to provide authentication. Despite these limitations, it is a good choice when sending forms that have not yet been completed (and therefore contain no NPI) as they allow the recipient to download and access files easily and still be able to securely reply via the same interface.