Most businesses are moving to the hybrid work model and allowing their employees to choose a preferred location. In turn, the document signing process when hiring new people and signing off deals and partnerships, also shifts online, posing new threats.
But the online world is full of risks, and many people still are wary of e-signatures. E-signing services are often offered to businesses by third-party providers, and blindly trusting them with sensitive data, both of clients, users, and in-house employees, is something that experts don’t recommend. Cybersecurity tools and systems have to be put in place.
Alireza Ghasemzadeh, the founder and CEO of Alohi, an e-signature service provider, told CyberNews that audits on security and compliance are necessary when dealing with sensitive information, as well as talked about the importance of expert security implementation and constant monitoring of those systems.
Tell us about your journey. How did Alohi come about?
The idea originated when I was on a trip in Bali trying to both relax and get some work done. I had to take a lot of business calls and had to have our local telephone solution configured to divert those calls. The idea of having a cloud-based phone solution with virtual office capabilities came to life. We implemented the idea with the brand of Alohi but put everything on hold to double down on just one feature at the beginning, the online faxing solution. Seeing how much demand there was for such service, and at the same time how poorly served it was, gave us a really good motivation to start our journey with FAX.PLUS - a secure, extremely easy-to-use online faxing solution.
Can you tell us a bit about what you do? What are the main challenges you help overcome?
We currently operate the leading online fax solution, FAX.PLUS, delivering service to over 2,000,000 users, spread across over 120 countries. We have also just launched our second product in our product suite, the online signature platform SIGN.PLUS as a public beta.With all our products, we try to ease the burden and overhead of utilizing over-complicated tools and software that are most of the time not secure. Our Swiss-based entity, along with compliance with strict standards and frameworks such as HIPAA, SOC 2, and ISO 27001, gives users the peace of mind that their data is securely managed.
Some might think that fax is no longer a relevant technology. Could you tell us more about your FAX.PLUS solution? How is faxing done nowadays?
Most people, especially organizations, use fax nowadays for compliance, legality, and/or security purposes. We tried to ensure that the foundation that we build our service upon, first and foremost, oversees all of these criteria and at the same time would give the user the best possible experience that would make the service a joy to use.
Have you noticed any new cyber threats arise as a result of the pandemic?
As we grow, we are seeing more and more cyber threats that we mitigate with the security measures we’ve put in place. But I can’t really say that this is directly a result of the pandemic.
Which security measures do you think are the best for combating such threats?
First and foremost I believe that the implementation of security frameworks and standards gives the greatest peace of mind. Although no system is ever 100% secure, implementation of frameworks such as SOC 2 and ISMS ensures that the bare minimum of security best practices are implemented, and you can only go upward from thereon. However, it’s very crucial to bear in mind that these are only frameworks and it’s very important that highly skilled experts in the field put the best building blocks in place within these frameworks to ensure availability, maintainability, scalability, and technical and non-technical security.
Even though the digital signature is becoming a widespread practice, there are still some myths and confusion around it. What misconceptions do you notice most often?
The biggest confusion is most probably the legality. We quite often see people confused with the legality of their electronic signatures. However, as each country has its own point of view on this topic, this is completely understandable. It’s important to help people get educated on this topic, and we’re trying our best to demystify regulations such as eIDAS, ZertES, and more for electronic signatures.
As more organizations are adopting the work-from-home model, what are some of the worst habits when it comes to sharing and signing sensitive documents?
I would say not having a unified approach for all workforce within an organization.There is no doubt that electronic signatures play a huge role in the WFH model. However, as it’s very easy today to get your documents signed online, sometimes even for free, companies are taking a huge risk by exposing their confidential information to service providers without a proper security/compliance audit.As work-from-home is and will continue to be a substantial element in all organizations, it’s very important that companies adopt a thorough audit process of all vendors and enforce unifications of online tools utilization across all workforce.
Which technologies will emerge in the near future as digital identity becomes a significant part of our lives?
It’s very hard to say what technologies will emerge per se, but it’s a known fact that this would be an enabler for services previously impossible to be offered online, to be offered not only online but also swiftly and securely. As service providers start exploring these new opportunities, new identity theft threats will emerge and I think that’s where we’ll see a lot of new technologies come into play to detect and prevent such threats.
Share with us, what’s next for Alohi?
We just got FAX.PLUS and SIGN.PLUS compliant with SOC 2 and ISO 27001, and our SIGN.PLUS product will soon finish its beta phase and roll out to the public. These are the initial stepping stones for creating an extremely versatile, secure, and compliant enterprise solution for today’s needs. We are currently working on other services within this suite that would help companies and teams streamline document flows and communications securely and efficiently.