NU Online News Service, May 15, 1:40 p.m. EDT
The need for independent agents to encrypt e-mail transmissions is not only important for compliance with privacy laws but can also be used as a marketing tool by agents, a technology expert said.
Jim Rogers, director of distribution technology at The Hartford, made his comments during an Agents Council for Technology (ACT) Web seminar on the subject of Transport Layer Security (TLS) e-mail, or the encryption of e-mail messages to protect sensitive customer information.
The seminar, moderated by Jeff Yates, ACT executive director, covered the legal and technical aspects of TLS and its importance to independent agents.
Mr. Rogers said that adopting TLS is “essential to doing business” and warned that typical e-mails over the most popular provider systems, such as Yahoo and Google, are not protected. There is also growing demand from customers, he said, to do business by e-mail over secure systems.
The passage of the Gramm-Leach-Bliley Act in 1999 established that private information cannot be shared publicly and needs to be secured. While GLB established the privacy foundations, states have been more aggressive in setting higher standards on personal information, especially concerning the transmission of credit card information, seminar participants said.
States are trending toward requiring businesses to impose tighter controls over personal information, Mr. Yates noted. He added that utilization of TLS standard is just good business practice, and not adopting those standards is “like sending an open post card.”
The challenge, Mr. Rogers explained, is adopting TLS standards to avoid having to open each individual message with identification and password. Fortunately, many of the current Microsoft server programs have TLS capabilities to both encrypt and translate messages. The challenge is getting users to turn on those systems, he said.
He noted that all Real Time transactions are encrypted and that another encryption option is sending a PDF that is password protected. The downside of that is the receiving party has to be aware of the e-mail and know password.
In addition to security concerns, Mr. Rogers noted that a number of agencies have adopted TLS standards and are touting those standards in their marketing to their commercial clients.
Reviewing how to implement TLS programs, Tim Woodcock, president of Courtesy Computer, said there are a number of server providers that furnish TLS certificates to encrypt e-mail transmissions. Implementation of the TLS certification should be done by the agency’s chief technology officer or the agency’s outside vendor, he said.
After reviewing the technical aspects of turning TLS on, Mr. Woodcock noted that agencies that purchase the programs now can enjoy tax advantages under the current federal economic stimulus program. Microsoft is also offering savings on the purchase of its program, he advised.
ACT, which was founded by the Independent Insurance Agents & Brokers of America, said it will have more detailed information on its Web site concerning TLS. There are also plans to make the seminar available for rebroadcast in the future, said Mr. Yates.
Additional information on ACT and security features can be found at www.independentagent.com/act under agency security/customer privacy.
ACT plans another seminar on June 23. Registration for the seminar is available at www1.gotomeeting.com/register/974713337.