There is a large number of emails need to be processed every day in insurance industry. These emails almost involve many confidential information of clients and partners, but they are all cleartext emails, which are very easy to be illegally stolen and tampered with. This is an email security problem that must be resolved as soon as possible.
To ensure the security and confidentiality of the email, the content of the email itself must be encrypted. To ensure the credibility of the email without being counterfeited, every outgoing email must be digitally signed. To ensure the time of the sent email is credible, every outgoing email must be timestamped.
Insurance organizations simply change the current email client to MeSign APP to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. If insurance organizations think it is not practical to change their email client, then they can deploy MeSign Mail Gateway to encrypt every outgoing email without changing email client.
And we recommend that insurance organizations can deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of email security.
Using MeSign for end-to-end email encryption will enable insurance organizations to truly implement mobile working, which not only meets the urgent needs of mobile working, but also meets the high security requirements for email.
As shown in the following diagram on the left, in order to ensure that the encryption key is highly secure and controllable, insurance organization only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Insurance organizations can also build their own CA to issue certificate for its users instead of using the MeSign default CA. MeSign provide a plug-and-play CA device that just need to connect to internal network, MeSign APP will get the signing certificate and encryption certificate from this in-house CA system, not from MeSign default CA.
In other words, MeSign encryption solution allows insurance organizations to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key and/or issue the certificate by itself even the application environment is untrustworthy.
The insurance industry has a large number of paper documents and forms to be processed every day. For example, purchasing insurance, filling out insurance claim forms, signing insurance contracts, insurance policies, and the internal documents signing. They have begun to shift to paperless, but the problem is how to ensure that these electronic documents are really issued by insurance company, have not been impersonated and tampered. At present, the only feasible technical solution is to digitally sign all insurance documents in PDF with timestamp and send them to users using encryption.
MeSign not only has digital signature automation solution that can help the PDF documents generated by the internal insurance systems to achieve a trusted digital signature with one click, but also has email signature and encryption automation solution to help the insurance systems to send the signed PDF document by encrypted email to users, and completely make the electronic files with reliable digital signature without counterfeiting and make the delivery of electronic files more secure.
As shown in the above diagram on the right, the user handles the insurance services on the insurance company system and fills in forms online. After completing the forms, the user can sign by hand on the business system or use the corporate USB Key certificate to submit to the insurance management system. After processing is completed, the insurance system calls the cloud MeSign eSigning Service system or locally calls the MeSign e-Signature System to sign the PDF file with Adobe trusted certificate. For services that do not require the user to fill in the form (such as insurance policy, statement, announcement or notice), the PDF file generated on the insurance system can be directly called the MeSign eSigning Service to complete the PDF signature.
It is recommended to encrypt all important insurance documents. System just need to call MeSign public key certificate database (CerDB) to obtain the user's encryption certificate to encrypt the PDF file, the user can seamlessly view the encrypted PDF file using Adobe Reader. The insurance system sends encrypted emails to users using the user's encryption certificate, ensuring the secure and reliable delivery of various user confidential documents. Users only need to use MeSign APP to decrypt and read the documents.
This solution has four advantages to ensure that all important insurance documents are trusted paperless and encrypted in delivery: