One click is all it takes: Why industry email must improve

Origo says pension providers can take simple steps to better protect themselves

Jonathan Stapleton
clock • 2 min read
Anthony Rafferty is chief executive of Origo
Image:

Anthony Rafferty is chief executive of Origo

Product providers and third-party administrators can better protect themselves by putting in place email security protocols and systems, says Origo chief executive Anthony Rafferty.

I suspect that most people who are reading this have at some point in their email history sent an email to the wrong person, copied in someone they didn't mean to or copied in a response to ‘all' rather than replying to a single individual - or they know someone else who has.

Email systems that offer a selection of email recipients for you to choose from may seem helpful but the wrong click can add the wrong address and in the fast pace of a busy day the email is away and gone before you can stop it.

A hasty recall does not mean the email hasn't been read and the content absorbed, nor does a legal disclaimer at the bottom of an email.

I have no doubt that business and jobs have been lost as a result of such errors.

In addition, nowadays the Information Commissioner's Office (ICO) is in place to monitor the market and will publicly admonish and fine companies who have sent information to the wrong recipient(s) or otherwise not protected their clients' data. This most recently included a £500,000 fine for the Cabinet Office for disclosing postal addresses of the 2020 New Year Honours recipients online1.

For financial services companies who are dealing daily with private and confidential information for their clients, sending communications back and forth both externally and internally, the fallout from such a mistake can be significant, not just in terms of a potential fine but in terms of market reputation, breakdown of consumer trust and the consequent business impact.

With consumers now more confident and comfortable using digital services and corresponding digitally, and greater attention being paid by the regulators to consumer data privacy, this is an issue that is rising up the agenda for operations and IT directors across the industry.

Leading companies are already recognising the need to put in place sound email protocols and secure systems as core elements of their data strategies. Aegon and Royal London are two providers who have implemented two-factor authentication, encrypted email as part of their communication protocols.

Using a military-grade encryption service first secures the email in transit and also ensures that only the intended recipient can access the email, and that the recipient knows it comes from a trusted source. Further security is provided via a challenge question. It can also create an audit trail of when the email was sent and opened, so the sender knows when the email has been read, and for compliance purposes.  

As an industry, our customers expect us to keep their information safe. Email security is just part of the range of security protocols that companies must now employ but it is an important one which, fortunately, can be easily implemented.

Anthony Rafferty is chief executive of Origo

1 https://ico.org.uk/action-weve-taken/enforcement

More on Admin / Technology

SPP: What pensions dashboards can learn from Taylor Swift and Oasis

SPP: What pensions dashboards can learn from Taylor Swift and Oasis

Paul McGlone says staggering the launch date of dashboards could help manage demand

Paul McGlone
clock 29 October 2024 • 3 min read
AI and pensions: What are the risks and opportunities?

AI and pensions: What are the risks and opportunities?

Professional Pensions asks the industry whether trustees should be considering AI implementation

Jasmine Urquhart
clock 24 October 2024 • 6 min read
TPR urges industry to drive innovation with technology

TPR urges industry to drive innovation with technology

TPR launches digital, data and technology strategy in bid to reduce regulatory burdens on schemes

Jasmine Urquhart
clock 22 October 2024 • 2 min read
Trustpilot