Safe4 announces the release of version 4.6

/in , ,

Further upgrades and enhancements to Safe4 are being introduced, as version 4.6 of the secure document delivery and storage service is released. As well as a series of significant improvements to both security and performance, the new release also provides a comprehensive refresh to the user interface for most parts of the system.

The key changes relate to responsiveness when used on mobile devices. Safe4 already provides a means of uploading photographs from smartphones and tablets directly into folders in the system, and this has now been extended to support the upload of multiple photographs or videos in a single action.

Among the changes are:

  • Completely rewritten upload and download routines, to make the system faster and more secure to use. The use of Flash in the multi-file upload process has been removed, resulting in a smoother and quicker user experience.
  • Re-organisation of the provider administration functions, with better control of system configuration options.
  • Re-scaled input screens for usernames, passwords and PINs, to make logging into the system from smartphones much easier.
  • Changes to the way in which the Public Folder facility works, to allow more flexible movement of files within a vault, and to support access from WebDAV connections through Windows and iOS.
  • A completely re-engineered development environment, to lay a flexible platform for some major functional enhancements planned for the first quarter of 2017.

This release of Safe4 underlines our commitment to offer the best possible service to our customers and their employees, clients, partners, suppliers and associates. The number of external threats to online security has never been greater, so the pressure to maintain a secure environment for confidential information is unrelenting. For more information on Safe4 and how it can make a difference to your business, please contact us.

Email phishing scams increasing rapidly – what is the answer?

/in , ,

Almost everyone who has an email account will have received large numbers of unsolicited emails from an unknown sender requesting that the recipient “click here” to gain access to a website or service that offers something of interest or value. Some of these are laughably inept, and are so obviously scams that they can be deleted immediately. However, an increasing number are from criminals who purport to represent a reputable and trusted party, often cleverly formatted in a way that makes it very difficult to differentiate between the scam and the real thing.

In 2015, the last full year for which there is appropriate data, instances of phishing emails of this type rose by 21% in the UK, as reported in the media by Silicon.  As the article suggests, the organisations that have been falsely represented most often in the UK are BT, Apple and HMRC. The Apple emails in particular are very realistic. Clicking the link as requested will normally result in ransomware or some other form of malware being downloaded on to the recipient’s computer, leading to problems that can be very damaging and difficult to deal with.

Increasingly the criminals have turned their attention to banks and their clients, and social media services such as LinkedIn. Safe4 have recently worked with Investec, one of the financial sector’s most respected specialist banking and asset management service providers, to offer solutions to this ever-worsening problem. This involves using the Safe4 service to create a highly secure vault, into which clients can place their own important documents, and which can also be used as a means of distributing bank-generated documents to clients. It will thus become possible to inform clients that if any unsolicited email is received bearing the bank’s branding, it should be deleted immediately.

Investec, headquartered in Johannesburg, South Africa, also have a substantial presence in the UK and in other locations internationally. The Safe4 integration project was carried by the Investec Digital team in Johannesburg, who worked closely with the Safe4 developers in the UK and South Africa. Investec are no strangers to innovation, and are constantly seeking ways to improve their clients’ banking experience, and importantly to increase the level of protection offered to clients.

Safe4 offers a highly secure facility for distributing documents to any recipient outside the sender’s own IT domain. Using UK-located data centres only, accredited to the ISO 27001 international security standard, Safe4 has been independently ranked among the 0.8% most secure site on the internet, out of millions tested.

Contact us for more information on the Safe4 service, and for ideas on how using Safe4 can enhance the security of your communication with the outside world.

Safe4 Conference 2016 a great success

/in ,

The Safe4 Conference 2016, held at Dartmouth House in London in November, proved to be a highly successful day. A very high-profile UK public service client, a leading international bank, an organisation specialising in training and talent development, and a membership organisation serving the will-writing and inheritance planning profession all gave presentations at the event, and illustrated the wide breadth of customer applications that Safe4 is now being used to support.

Of particular interest was the presentation by Dave Saunders of Investec, who travelled from Sandton in Johannesburg to attend the event. Widely respected as one of the financial sector’s most successful and efficient specialist bankers, Investec are deploying Safe4 as a facility within their online banking service. The Digital Briefcase – as it is known – is available to all Investec clients for storing important personal information in a highly secure vault. To underline the commitment of Investec to offer their clients the most secure and ethical service possible, Investec also plan to use the Safe4 vault to handle documents being delivered to clients. This will allow the bank to cut down on the use of email as a tool for client communication – email phishing has become a modern-day scourge, with fraudsters sending messages purporting to represent banks asking recipients to click a link to verify their account details, only to cause malware or ransomware to be downloaded on to their computer.

Safe4 was integrated into the Investec online banking service by their digital services team during 2015 and 2016, using the Safe4 API. This was modified and enhanced by Safe4 to meet the requirements of Investec, and currently supports approximately 95% of the functionality offered by Safe4.

Further developments from Investec are in the pipeline. Their mobile app makes highly inventive use of the Safe4 service, and presents the service through an interface that differentiates Investec from their competitors.

The Safe4 team that led the collaboration with Investec was based in Johannesburg and the UK, emphasising the benefits of international cooperation.

For more information on the services available from Safe4, please get in touch with our teams either in the UK or South Africa.

Christine Andrews of DQM GRC to present at Safe4 Conference

/in , ,

GDPR (General Data Protection Regulation) is looming. This EU-originated legislation will come into force in 2018, and already many UK organisations are becoming aware of the impact that the new regulation will have. The imposition of heavy fines and the more onerous responsibilities placed upon data controllers and data processors are concentrating the minds of data protection officers in organisations large and small, in all sectors of business.

Safe4 are delighted to announce that Christine Andrews, Managing Director of DQM GRC, will be presenting at the Safe4 Conference in London on 17 November. Christine has many years’ experience in the field of regulation and compliance, and offers a deep understanding of what this means to different types of organisation. As well as appreciating the need to get to grips with the impact of GDPR, Christine and her team are skilled at advising on positive solutions and good practice that will allow data protection officers to have confidence that risks to their organisations are being minimised and compliance enhanced.

Ben Martin, director of Safe4, believes that “many of our customers have shown that they take data protection very seriously, and are making extensive use of the secure information management capabilities that the Safe4 system provides. Christine’s presentation will add valuable insight to the opportunities for improvement in current practice to ensure that the additional demands of GDPR are being met”.

Safe4 version 4.5 is released

/in ,

Safe4 has been evolving steadily since launch in 2010, and the latest release is delivering some valuable enhancements.  As well as a series of underlying improvements to performance and security, some specific changes in functionality are included in this version:

  • The maximum number of failed login attempts has been set at 5, after which the user will be locked out and will have to restart their browser. This will help to counter any brute-force attacks that may be directed towards the system.
  • New look-and-feel on many of the pages in the provider administration functions. The pages that have been upgraded are now “responsive”, and will alter the layout according to the orientation of the device being used, and the size of the display window.
  • The user invitation process has been extended, with an unlimited number of invitations in a single page. The allocation of security groups to users has also been made simpler.
  • After successful registration of their account, new users will receive an email, branded with the provider details, advising of the correct URL to access the system in future with full provider branding.
  • Email signatures can be set at provider level, rather than relying on individuals to update their own account. Provider-level signatures can be overridden by individual users if they wish.
  • Email signatures can include the name and logo of the organisation, positioned in the footer of outgoing emails according to preference.
  • Branding screens have been improved, so that the process of entering welcome text for login pages and disclaimers for email invitations is simpler.
  • Newly-invited users will automatically be assigned the same time zone as the inviting user. This will help with the increasing adoption of Safe4 by organisations in different time zones.
  • A blacklist option for unwanted file types has been included at both provider and vault level, to complement the existing whitelist facility.
  • When a vault is copied with the users who have registered for that vault, the permission groups that have been applied to the user will be copied across to the new vault.
  • The File Index facility now shows when a file was last accessed any by whom, and as before can be downloaded in CSV format for further analysis and reporting.
  • The user count on the provider home page shows the number of active users and the number of pending invitations in each vault.

As always, we at Safe4 are listening to customer feedback. All of the changes listed above are the result of functionality requests from customers, and this approach will continue to drive the activities of the Safe4 development team.

For any further information on Safe4 and how it might be able to assist your organisation, please get in touch with us.

Safe4 to unveil the new Asset Register at the Society of Will Writers Conference

/in , ,

Safe4 launched the Digital Inheritance Vault at the Society of Will Writers Conference in October 2015, and this has subsequently been presented at many of the Society’s regional group meetings.  Members have been taking up the vault as a means of helping their clients to manage their inheritance plans and digital legacy, and many are actively promoting the facility.

At the Society’s Conference in October 2016, Safe4 will be announcing and demonstrating an important enhancement to the Digital Inheritance Vault.  Described as the Asset Register, this will provide a means for each client to manage critical information that will be essential when probate is being carried out, and importantly will allow the will-writer to set up different asset classes to manage information about the appropriate elements of their client’s digital legacy.

Strict security settings will be applied to the Asset Register to ensure that no unauthrised access can be gained.  Upon the death of the testator, and after suitable steps to prove identity, the client’s executor will be given read-only access to the Asset Register and the Vault, thus providing all of the requisite information required for probate in one place.

Different asset classes will include basic identity information about the client – NI number, NHS Number, etc – as well as online account details.  Physical assets such as property, jewellery, motor vehicles, works of art and others can also be identified in the register, as can details of accounts with organisations such as PayPal, gambling accounts, store cards, and others that may have credit balances that would add value to the estate.  Of great value will be the ability to record access details for the client’s digital devices, such as iPads, computers, telephones and others that may contain treasured memories, as well as information relating to email and social media accounts.

Ben Martin, Director of Safe4, believes that the Asset Register will add significantly to the value that the Digital Inheritance Vault brings to the end client.  “Until now, the vault has been a highly effective way to store the confidential documents that make up the client’s estate plan.  This in itself will have a major impact on the way in which probate is handled, reducing the time taken by 2 months or more by making all of the critical documents available in one place.  The Asset Register will enhance this considerably by providing a means to store a wide range of information that may not be represented in documents, but will nevertheless be of great importance to the client’s executor and family.  Unlocking social media and email accounts, allowing access to be gained to physical devices that may contain irreplaceable memories, and generally summarising a wide range of online activities in a facility that can be easily and safely updated and maintained during the testator’s lifetime will give the family a means to recover vital information that can so easily be lost.”

Personal email systems still being used to carry confidential information

/in , ,

It is no major surprise to learn that a major email service provider has been hacked – again – and that millions of people have had their personal information exposed to criminals. This is highlighted in an interesting article in The Times, published today.

What is still very unfortunate, however, is that a large number of professional practitioners in the UK are still failing to acknowledge that email is the leading source of computer crime and online fraud. Time and again personal financial information is being passed between lawyers and their clients, in residential property transactions for example, using the client’s personal email account. Repeated examples of these emails being hacked and bank account details being changed have not deterred some high-profile UK law firms from continuing this practice, irrespective of severe financial losses being experienced by their clients.

Also worrying is that it is common practice in some firms for lawyers and others to send confidential documents to their own private email accounts so that they can be worked on outside business hours or away from the office.

The Safe4 service was launched in 2010 to offer a highly secure alternative to email, not just for document transfer, but also for medium-term or permanent management of information. Based on UK-only storage in data centres that are accredited to the ISO 27001 international security standard, Safe4 offer a service that complies with the Solicitors Regulation Authority guidance on the use of cloud computing. Accessible at any time, from anywhere, it eliminates the need to trust confidential information to high-risk systems.

For more information on how Safe4 can assist your firm to minimise the risk of information loss or interception, please contact us.

Does it matter where your cloud data is stored?

/in , ,

Many millions of people now are using online systems that are hosted in the cloud. However, do we all know what that means, or the location where our vital information is being held?

The dramatic rise in the use of social media in the last decade has meant that a vast amount of personal information is being stored in cloud-based platforms, not all of which regard personal security or privacy as their top priority.

A recent article on the BBC website helped to highlight this – click here to read the article. The uncertainty over the location where data is stored, and the privacy laws in the jurisdiction that governs the use of that data, gives rise to a potentially major concern.

For this reason, Safe4 decided back in 2010 that ALL data stored within its servers would be held securely in a UK location. Because Safe4 does not allow its service to be used for advertising or any other form of promotional activity, the content of stored data and documents is completely safe. Unlike several of the major providers named in the BBC article, the business model of Safe4 does not permit the penetration of “confidential” information in customers’ accounts so that it can generate advertisements to the user based on their content.

The hosting partner of Safe4 was selected using different criteria. Because we know our customers need to be able to trust us to keep their information safe, we chose to work with a world leader in the provision of highly secure services, with an excellent record of 24/7 availability and reliability. Using ISO 27001-accredited data centres in the UK only, Safe4 has built a reputation for high quality of service and security levels which are among the highest in the industry.

For more information on how Safe4 secure information delivery and storage services can assist your organisation, please contact us.

Beware the perils of “free” cloud storage services

/in , ,

Are “free” cloud storage services really free?

Logic would suggest that whilst they may appear to be free at the point of actually storing a file, it is worth remembering that the companies who offer free storage services only do so because they want your data. Once stored on their servers, most of the large providers of such services will apply terms and conditions that at best allow them to interrogate users’ data, and at worst to actually claim ownership of users’ data.

It is also worth asking – what does the storage provider owe to the user, if the service is free? If data is lost or corrupted, or accessed without authority, who is liable? It is very unlikely that the storage provider will accept liability in such cases.

Even worse: what if the provider decides that after a period of time the service is no longer free or unlimited. A startling example of this has recently occurred in the case of Microsoft; click here for further details.

Reassuringly, the service offered by Safe4 is not free. We do not charge for storage as such, but offer competitive rates based on usage. The standard terms and conditions under which Safe4 operates give our customers significant protection, and can be accompanied by insurance against cyber attack if required.

Please contact us to learn more about how Safe4 can assist your business to provide highly secure document delivery and storage services to your employees, agents, clients, and any other internal or external parties.

Enhanced reporting for Safe4

/in

The reporting functions within Safe4 have been substantially enhanced, allowing reports that potentially run into hundreds of pages to be generated virtually instantaneously. This will assist Safe4 customers who need to produce information from their client vaults and data rooms on a regular basis.

As well as producing very rapid outputs, the reporting function now also allows the results of queries to be downloaded in .csv format, so that they can be opened in a spreadsheet for further analysis and distrubution.

The Safe4 service is being continually improved – for more information on how using Safe4 can assist your business, please contact us. We will be delighted to hear from you.