Ensuring Data Security With Cloud-Based E-Signature

November 21, 2013
172 Views

ImageIn June 2000, the US Congress enacted a law that is seen as a milestone for the digital landscape. Called the ESIGN act, this law made it possible for businesses to enter into legally bound agreements with their partners via electronic signatures.

ImageIn June 2000, the US Congress enacted a law that is seen as a milestone for the digital landscape. Called the ESIGN act, this law made it possible for businesses to enter into legally bound agreements with their partners via electronic signatures. This was a departure from the centuries’ old practice of signing on physical documents to ensure valid contracts. One of the biggest advantages of e-signatures was the time that could be saved. Businesses that sign agreements with vendors and contractors from other parts of the world had to typically wait for days for the agreements to be shipped from one country to the other.

With e-signatures, agreements may be finalized and signed in a matter of hours. No wonder then that e-signatures are extremely popular with banks, insurance providers and government offices that process hundreds of thousands of transactions every month. According to Silanis.com, which is the leading e-signature service provider in North America (source: Gartner), there are over 600 million e-signatures that happen on its platform every year. The overall number in the market is expected to be much higher.

E-Signatures are also extremely popular among businesses that offer cloud hosted solutions. The reason is simple – customers who pick cloud-hosted solutions rarely if ever meet the provider in person. Most of the discussions are online and even the registration, payment and support are done over the phone or the internet. Given that such businesses have customers from across the world, it also does not make logistical sense to meet these customers in person. Consequently, e-signatures are being seen as an extremely simple and efficient medium to sign contracts and get started on the job.

However, as with any cloud based service, e-signatures are prone to abuse if not implemented properly. This is because cloud hosted services often have multiple services that are being served from the same server. This makes it prone to snooping and tampering of data. However, over the years, the security of e-signatures have been strengthened. Here are some of the very important features to look at while signing up an e-signature provider

Certified Encryption & Key Management:

One of the very critical requirements for any e-signature service provider is to ensure that the document is not accessible to anyone except for the people signing it. To ensure this, the data must be secured through certified encryption standards that includes certified methods of key management.

Restricted User Authentication:

The next step in ensuring a secure e-signature process is to make sure that only the authorized person is capable of viewing the document. One way top e-signature companies enable this is to let the sender (banks, insurance companies, etc.) determine the person or persons who are authorized to view and sign the document. This ensures that this data cannot be broken into or tampered with by any other person.

Ensuring Data Integrity:

A major concern among people and businesses signing documents electronically is about the integrity of data. How plausible is it for the business partner to tamper with the content of the agreement that has already been signed by the other party? The major e-signature providers in the world make use of what is known as “dual source validation”. This technique validates the user accessing the data along with the particular set of data they are accessing. This ensures that no part of the agreement is modified without getting a consent from the authorized user.

Data Protection & Recovery:

Unlike on-premise solutions, cloud hosted e-signature service providers have the onus of ensuring that the data remains safe and secure in times of disaster. A common way to do this is by distributing the service across various geographies so that recovery of data may be done easily after disaster has struck. In addition to this, the datacenters holding the confidential documents must have certified access protection so that they may not be tampered with.

E-Signatures are still an emerging medium of business agreements. However, with a 50% annual growth rate, this is expected to proliferate much more in the coming years. Besides the security parameters mentioned above, e-signature vendors must also ensure peak load availability and periodic security audits to ensure that the data they hold is extremely secure and tamper-proof. Most leading vendors in the market today offer this and much more to ensure customer satisfaction and security. However checking for the pointers above should help businesses conduct due diligence of the provider before they migrate to an electronic signature model for their agreements.