The Top 10 Threats to Your E-Signed Documents

Slides:



Advertisements
Similar presentations
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
Advertisements

Why is there Concern about the Effect of the Internet in Society? E-Commerce: Jason Logan eBay: Ben King Hacking: Khyle Westmoreland Censorship: Ben King.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Manjit kaur Manjit Kaur1. Why do we need to protect our computer from a virus? A reason why we need to protect our computer from a virus is because it.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Internet Security for Small & Medium Business Week 6
IT security By Tilly Gerlack.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Manjit kaur Manjit Kaur1. Why do we need to protect our computer from a virus? A reason why we need to protect our computer from a virus is because it.
Federal Acquisition Service U.S. General Services Administration eOffer/eMod Training eOffer/eMod Training Keonia Cobbins Systems Development Office of.
MobileSecurity Vulnerability Assessment Tools for the Enterprise Mobile Security Vulnerability Assessment Tools for the Enterprise Integrating Mobile/BYOD.
Identity Theft What is it, is identity theft really a problem, how can I protect myself, what do I do if my Identity is stolen.
ONLINE SECURITY Tips 1 Online Security Online Security Tips.
Outline of this module By the end of this module, you will be able to: Identify the benefits of using social networking to communicate with family and.
Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
Effective Contract Management for Small Business
The Best Ways To Sign Documents Electronically When On The Go
Contract Law 101: Are Scanned Signatures Valid
The Simple Guide to Electronic Signature Workflows
E sign Requirements: How to make sure an esignature is valid
THE BEST CRM SOFTWARE FOR YOUR BUSINESS
10 Pro tips For Boosting Your Business’ Digital Security
7 FAQ’s About Signing Documents Online
What Counts As An Esignature?
Contract Law: Saying Goodbye Effectively
How the ESign Act Makes Esignatures Work
The Difference Between Digital Signatures and Electronic Signatures
Why Freelance Developers Are Switching To Econtracts
Protecting Your Assets By Preventing Identity Theft
AP CSP: Identifying People with Data and The Cost of Free
Chapter 40 Internet Security.
Shopping on Amazon & Safe Shopping
Creating your online identity
Hacking Computer crime and cyber security.
Common Methods Used to Commit Computer Crimes
SafeSurfing Module 5.
Information Security.
Ways to protect yourself against hackers
PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471
How do we buy and sell on the Internet safely?
Lesson 3 Safe Computing.
Symantec Code Signing Certificate
IWRITER 365 Offers Seamless, Easy-to-Use Solution for Using, Designing, Managing, and Sharing All Your Company Templates in Microsoft Office 365 OFFICE.
Online Safety.
How to Check if a site's connection is secure ?
Digital Signature.
Lesson 2- Protecting Yourself Online
STOP. THINK. CONNECT. Online Safety Quiz.
Ordering Healthy Food Online
Risk of the Internet At Home
12 E-Commerce Overview.
Shopping experience! Is it safe to pay online? Ian Ramsey
With IvSign, Office 365 Users Can Digitally Sign Word Documents in the Cloud from Any Device Without Having to Install Any Digital Certificates OFFICE.
Using eSignature for Signing IBM Contracts
Shopping experience! Avoiding online fraud Ian Ramsey C of E School
Why ISO 27001? Subtitle or presenter
SafeSurfing Module 5 September 2016.
The Hacking Suite for Governmental Interception
The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.
What is BankMobile? A process to select how to receive student refunds and student payroll payments It is fast, secure, and convenient. Go to:
Why ISO 27001? MARIANNE ENGELBRECHT
Security+ All-In-One Edition Chapter 15 – Web Components
Topic 5: Communication and the Internet
Your Best Tool for Online Ordering Is Now Better Than Ever.
Internet Safety – Social Media
Lesson 2- Protecting Yourself Online
Handling Information Securely
Custom WordPress Development Services - All You Need to Know.
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

We live in a globalized world, driven by connectivity afforded by the Internet. This has created many opportunities for us. It has even changed the way we work, giving us chances to work for clients outside of our immediate location. Online documents are one area that has made business processes a lot easier. Being able to sign these documents online is a natural extension of our new working practices. E-signed documents give us a way to make contract creation and signing, seamless. Electronic document signing gives us an online way to retain the benefits of a normally offline process. But this connectivity has also offered opportunities for cybercriminals and anyone who wants to defraud us. When we decide to do any business online, or in a non- traditional way, we have to be as vigilant as we are in the real world. The following threats are ones we need to watch out for when we use digital signature technology and electronically sign documents:

Threat #1: The court threw my case out, but we all signed the contract – why! You’ve created a contract and all the parties involved have signed it. But then there is a fall out; you end up in court arguing your case. It comes down to an analysis of the contract, but when it was checked, the e-signing software you used wasn’t compliant with the law for electronic signatures, and you loose your case. Make sure that any signing software you use is complaint with the various electronic signature laws. These include in the USA, ESIGN and UETA and in Europe the EU Directive 1999/93/EC. If the software doesn’t clearly state it supports legislation, in the way that ApproveMe does, then don’t use it. ESIGNEU Directive 1999/93/EC.ApproveMe Threat #2: Something is amiss…the contact has changed Good digital signing software platforms are based on a technique called hashing. The software will make a ‘hash’ of the content of a document that creates a unique fingerprint of that content – a bit like its own DNA. The hash is created during the signing process. The reason it does this is because if anything changes in that document, like someone sneaks in a new clause or changes a number, then the hash will change with it. E-signing software like ApproveMe, have audit systems in place to make sure you know if a change event has happened.

Threat #3: The digital signatory isn’t really who they say they are When someone electronically signs a document or contract, the signature uses a digital certificate. A digital certificate is a digital representation of a person or a company and is issued after checks that, they are, who they say they are, are made. Digital certificates are made up of two parts, a public and a private key. The private key is used to encrypt the hash of the document. The public key is accessible by anyone, and gives the details of the person that the certificate represents. The problem arises when someone else uses another person’s certificate without his or her consent. To prevent this happening, make sure that a PIN code is used with a certificate, so only the person that owns the certificate can use it. Threat #4: It’s a fake! Digital signatures can be used to fake signatures on a contract. If you don’t use signing software that has been built to secure the entire process of online document signing, then you are at risk of fraud. Unless the system can accommodate the use of digital certificates, encryption, hashing, audit trails and various other security measures, then the system is not fit for purpose and puts your business at risk of fraudulent contract creation and signing.

Threat #5: Someone stole my document! The Internet has made working online and e-signing documents really easy. But it has also potentially left a gaping hole by keeping documents on a server accessible over the web. Keeping documents encrypted is one way to protect them. If a document does get stolen, the thief won’t be able to open it. Threat #6: Oh no! My documents were accessed by the wrong person One of the most important areas of signing of online documents is to make sure that the signing transaction is carried out by the right person; making sure the document or contract is accessed only by that person, not someone else. To do this you need a user check or ‘authentication’ before allowing access. For example, ApproveMerequires that a person proves their identity by receiving an , answering personal questions, or receiving an SMS code on their mobile, before access is allowed. ApproveMe Threat #7: A man in the middle stole my contract! Man in the MiddleMan in the Middle (MitM) attacks are web-based threats where someone steals information that is transferred over a web connection. MitM attacks and mobile MitM attacks are increasing.

The Open Web Application Security Project (OWASP) have placed MitM attacks as a top ten attack threat. Your online contracts and documents may contain sensitive information, like Personally Identifying Information (PII), pricing, and even intellectual property details. The last thing you want to have happen is a MitM attack. One of the ways to help prevent this type of attack is to make sure that the whole e-signing process is delivered using a secured session. That is the normal HTTP is an HTTPS connection; the S in HTTPS standing for secure.OWASP Threat #8: The esignature image is stolen from the server Often, electronic signatures are accompanied by an image of someone’s real signature, or the mark that they normally use. This is a valuable commodity as anyone who wants to masquerade as that person could use it on a contract, signing as them. It is therefore important that this image is never stored on a server. Threat #9: Software vulnerabilities, the cybercriminals friend When you hear about someone infected by malware, the most likely reason they became infected – no matter how the malware was transmitted – was because the software they were using contained a ‘vulnerability’.

What this means is that software, like a browser or a plugin, has a bug in it. The malware takes advantage (exploits) this bug to install itself. You even get malware installs that are silent. That is the malware installs itself without the person ever knowing about it. When choosing an e-signing solution you need to make sure it is regularly updated. Professional, dedicated platforms like ApproveMe take potential exploit seriously and so ensure that they bring out updates and patches as needed.ApproveMe However, it’s also very important that you keep other software, like browsers and operating systems, up to date and patched too. Threat #10: Take your time and do it right It’s easy to use digital signature software, especially one, like ApproveMe which integrates directly to your website using a WordPress plugin. Because it’s so seamless and easy, you need to be extra careful that you don’t just point and click, without reading the contract carefully.

Safe Esigning Online document signing has given us the tools to make contract and document signing fast and seamless. It also means we can work remotely, saving time and money. But with this new found freedom comes potential threats, so we need to be vigilant and make sure that the care we gave to reading and signing contracts offline, is carried over to our online dealings too. Article Resource: signed-documents/ signed-documents/