Most businesses are moving to the hybrid work model and allowing their employees to choose a preferred location. In turn, the document signing process when hiring new people and signing off deals and partnerships, also shifts online, posing new threats.
The online world is full of risks, and many people still are wary of e-signatures. E-signing services are often offered to businesses by third-party providers, and blindly trusting them with sensitive data of clients, users, and in-house employees. This is something that experts do not recommend, which is why cybersecurity tools and systems have to be put in place.
Alireza Ghasemzadeh, the founder and CEO of Alohi, an e-signature and e-faxing service provider, told CyberNews that audits on security and compliance are necessary when dealing with sensitive information. The importance of expert security implementation and constant monitoring of those systems were also mentioned.
Tell us about your journey. How did Alohi come about?
The idea originated when I was on a trip in Bali trying to both relax and get some work done. I had to take a lot of business calls and had to have our local telephone solution configured to divert those calls. The vision of having a cloud-based phone solution with a virtual office capability came to life.
We implemented the idea with Alohi, beginning with just one feature: the online faxing solution. Seeing how much demand there was for such a service gave us motivation to start our journey with FAX.PLUS – a secure, extremely easy-to-use online faxing solution.
Can you tell us a bit about what you do? What are the main challenges to overcome?
We currently operate FAX.PLUS, the leading online fax solution that delivers service to over 2 million users spread across more than 120 countries. We have also just launched our second product in our product suite, SIGN.PLUS which is an online signature platform.
With all our products, we try to ease the burden of using complicated tools and software that can be unprotected and unsafe. Our Swiss-based entity is compliant with strict standards and frameworks such as HIPAA, SOC 2, and ISO 27001 which gives users the peace of mind that their data is securely managed.
Some might think that faxing is no longer a relevant technology. Could you tell us more about your FAX.PLUS solution? How is faxing done nowadays?
While many organizations still use fax for compliance, legality, and security reasons, our top priority is to ensure that our service's foundation meets all criteria and provides users with the best possible experience, making our service a joy to use.
Have you noticed any new cyber threats arise as a result of the pandemic?
As we grow, we are seeing more and more cyber threats that we mitigate with the security measures we’ve put in place, but I can’t really say that this is directly a result of the pandemic.
Which security measures do you think are the best for combating such threats?
First and foremost, I believe that the implementation of security frameworks and standards give the greatest peace of mind. Although no system is ever 100% secure, implementation of frameworks, such as SOC 2 and ISMS, ensure security best practices are implemented.
However, it’s very crucial to bear in mind that these are only frameworks, and it’s very important that highly skilled experts in the field put the best building blocks in place within these frameworks to ensure availability, maintainability, scalability, and technical and non-technical security.
Even though the digital signature is becoming a widespread practice, there are still some myths and confusion around it. What misconceptions do you notice most often?
The biggest confusion is most probably the legality. We quite often see people confused with the legality of their electronic signatures. However, as each country has its own point of view on this topic, this is completely understandable. It’s important to educate people on this topic. We’re trying our best to demystify regulations such as eIDAS, ZertES, and more for electronic signatures.
As more organizations are adopting the work-from-home model, what are some of the worst habits when it comes to sharing and signing sensitive documents?
I would say not having a unified approach for all workforce within an organization. There is no doubt that electronic signatures play a huge role in the WFH model. However, as it’s very easy today to get your documents signed online, sometimes even for free, companies are taking a huge risk by exposing their confidential information to service providers without a proper security or compliance audit.
As work-from-home continues to be a substantial element in all organizations, it’s very important that companies adopt a thorough audit process of all vendors and enforce unifications of online tools across all workforces.
Which technologies will emerge in the near future as digital identity becomes a significant part of our lives?
It’s very hard to say what technologies will emerge per se, but it’s a known fact that this would be an enabler for services previously impossible to be offered online, to be offered not only online but also swiftly and securely. As service providers start exploring these new opportunities, new identity theft threats will emerge and I think that’s where we’ll see a lot of new technologies come into play to detect and prevent such threats.
Share with us, what’s next for Alohi?
We just got FAX.PLUS and SIGN.PLUS compliant with SOC 2 and ISO 27001, and our SIGN.PLUS product will soon finish its beta phase and roll out to the public. These are the initial stepping stones for creating an extremely versatile, secure, and compliant enterprise solution for today’s needs. We are currently working on other services within this suite that would help companies and teams streamline document flows and communications securely and efficiently.