Meetings & Conventions: Planner's Portfolio August
BY ELLIOTT MASIE
SENDING SECURE E-MAIL DOCUMENTS
Encryption is the key to prevent tampering with electronic
The Internet affords all sorts of opportunities, and in the
meeting world that soon will mean sending and receiving signed
documents electronically. But can we trust the security and
accuracy of e-mail as we send contracts, commitment notices and
meeting changes out into the ether?
To be sure that e-mail and attached files are secure, ask
yourself these questions.Is the e-mail from the person or organization that claims to
have sent it to me?Can anyone read the message other than the intended
receiver?Is this e-mail really a virus or worm that can harm our
WHO IS IT?
On the Internet, it is pretty easy to pretend to be someone you are
not. Most client programs allow users to enter any return address,
so I could pose as firstname.lastname@example.org.
There are two approaches to verifying the real source of an
e-mail. First, you can view the data in the message header,
including the actual route the message took, to discover the
originating e-mail server. This can be hard to decipher unless you
are a trained techno-guru.
Ideally, when the subject matter is proprietary or sensitive,
you want to receive a digitally notarized and registered e-mail to
verify the message really is from the appropriate source and you
are the only person able to view it. This is where encryption comes
in. The sender and the receiver can decide to use a "key" or secret
code to lock and unlock documents.
For example, I am ready to sign two years' worth of hotel
contracts for a conference we own. The salesperson will call me on
the phone and give me a private encryption key. This might be a 10-
to 12-digit code containing numerals and letters. Then she e-mails
me the contracts, which I cannot open without the key. Anyone else
who tries to read the document will see gobbledygook random letters
and characters. With the key, the document looks normal. I can sign
it, scan it and send it back, again using the encryption key.
There are many encryption approaches and technologies to make
this process work. Go to www.cypost.com/encryption.html
to view a robust explanation of the technical aspects of encryption
systems. Another good site is the National Institutes of Health's
security page (www.alw.nih.gov/Security/security-prog.html).
At the moment, the only way to send a signed contract
electronically is by scanning it in and attaching it to an e-mail.
Run this practice by your attorney or legal department to make sure
they accept such contracts as valid before signing and sending.
I predict that in a few years we will see an official notary
process for e-mail, to verify the identity of the sender. This will
prevent hyperactive 14-year-olds from blocking 500 rooms at a
The third question, about virus or worm safety, is particularly
timely. In the spring, many information systems departments had to
deal with the Melissa virus and, in June, the world was hit with a
second monster, a rapidly spreading worm. It disguised itself as a
message from someone you knew and carried an attached file. If
executed, the attachment wiped out all Microsoft Office files on
your computer and sent itself to everyone listed in your e-mail
Although virus-checking routines trap some of these insidious
illnesses, in our office we have implemented a rule that no one is
allowed to open an attachment from an unknown sender. When the
computer says, "You've got mail," the best rules of thumb are "know
thy sender" and "verify, verify, verify!"
ELLIOTT MASIE is president of the Saratoga Springs, N.Y.-based
Masie Center (www.masie.com), an international think
tank focused on learning and technology.
Back to Current Issue indexM&C
| Events Calendar
| Incentive News
| Meetings Market
| CVB Links
| Reader Survey
| Hot Dates
| Contact M&C