KeyTalk solves challenges with digital email signatures and disclaimers

04 Nov ‘20

Business Email Compromise (BEC) is a growing problem. Since 2019, it has even been seen as the no. 1 cybersecurity threat.

While SPF, DKIM, and DMARC provide a good basis for protection against BEC, digital signing of emails is still the only way to ensure that the sender is who they say they are and that the message has not been manipulated after it has been sent.

Signing digitally with an S/MIME or digital signing certificate thus offers the best protection against BEC attacks but also brings some other challenges. Many companies manage their disclaimer centrally so that they can be sure that the correct disclaimer is always under emails from their employees. For companies with several subsidiaries, this disclaimer challenge is even greater.

Solutions that add disclaimers centrally often break into a sent email, add the disclaimer, and then send the email to the person it was meant for. As soon as emails are digitally signed and the email is broken into, to add a disclaimer or other text or attachment, the recipient of the message will receive a warning that the content can no longer be trusted because the digital ‘seal’ of the email message has been broken.

To overcome this problem, the KeyTalk CKMS has recently been extended with functionality to automatically configure disclaimers for MS Outlook and Outlook 365.
This functionality is provided in the basic and plus version of the KeyTalk Secure Email Service.

Central IT management can then set up multiple disclaimers depending on the email domain name. Never again will an employee be able to forget to use a disclaimer, or to modify the disclaimer himself/herself.

By doing this, every organisation using KeyTalk’s Secure Email Service is assured that in addition to the excellent protection against Business Email Compromise, the disclaimers are always correct.