Are faxes more secure
than email?

When transmitting documents, organizations don’t want sensitive information being intercepted and falling into the wrong hands:

• A transmission breach can expose personal information like phone numbers, social security numbers and financial records which can then be exploited by hackers.

• Proprietary business secrets can be stolen, resulting in the loss of millions to a corporation.

• Inadvertently revealing customer records can result in unhappy – and even litigious – customers.

• Medical and financial institutions can face considerable fines from governing bodies if security regulations – such as Health Insurance Portability and Accountability Act (HIPPA) in the U.S. and the General Data Protection Regulation (GDPR) in Europe – are not strictly followed.

So which type of transmission is more secure:
email or faxing? There are security benefits and risks for both email and fax

Many people believe that emails are secure because their programs can be encrypted and there’s usually a login and password procedure. Computers can guard against cyberattacks through firewalls and anti-malware programs. Further, emails can be sent to specific individuals on their computers, unlike faxes which may transmit to a central machine in a highly trafficked space.

But there are still serious risks to using emails for transmitting sensitive information:

• Emails can contain malicious attachments, such as spyware or viruses that circumvent firewalls and infect a recipient’s computer.

• “Phishing” scams can dupe email recipients to providing passwords and other sensitive information.

• It can be more cumbersome to send legally binding documents via email – and some governing bodies will not accept legal document transmission except through faxing.

• Email accounts can be hacked, and sensitive information can be corrupted or stolen.

• Filters can reroute messages directly to spam mailboxes, so a recipient may be waiting for a time-sensitive document and miss critical deadlines.

Emails get stopped at many “checkpoints” before they reach the recipient, such as firewalls, ISPs, servers, virus checkers and possibly even data harvesting bots. With every checkpoint, there’s a possibility of interception and hacking. While the original email may have encryption, they are later saved, copied and forwarded without any form of encryption.

All fax transmissions use the Public Switched Telephone Network (PSTN) which ensures point-to-point transmission – making it more secure than email. A sent fax is converted into base64 binary at its source, travels via PSTN and then is reassembled at on the recipient’s fax machine. PSTN is much less susceptible to hacking because it would mean direct manual access to the telephone line. Even then, an intercepted file would appear to be simply noise and thus unreadable.

While hacking is not a major risk, sending documents through fax technology does not eliminate all potential security issues. For instance, when using a traditional fax machine, simply keying in one wrong digit on a fax machine can send confidential information to an unintended destination. In one case, seven doctors’ offices in Texas accidentally faxed sensitive patient records to a local radio station.¹ While a sender can confirm unknown fax numbers before sending, this security practice can become impractical for companies that may have hundreds of individual fax machines in use.

There are other serious risks to using faxes to transmit sensitive information:

• All fax machines (including electronic or network-based faxes) use the same protocol. So, a fax sent from one machine can be received by any other fax – running the risk of interception before it gets to its intended recipient.

• Faxed paper documents can be voluminous and difficult to catalog, file and store with ink and paper degrading over time.

• Paper documents left unattended in a fax machine at either end of the journey become vulnerable and could be accessed by unauthorized individuals.

• Paper documents can be stolen – from the physical fax machine, a person’s desk or a filing cabinet.

Working with traditional fax machines to produce secure faxes adds a burden to an already heavy workload for administrative staff. Because of this, many businesses are turning to web-based electronic (network) faxing. Network faxing uses faxing software and network fax servers to better ensure secure transmission of sensitive information.

Network faxing is designed to work with existing systems and use an organization’s existing network. It needs no dedicated phone line or fax machine. It needs no paper, no ink and no human monitoring. Network faxing enables staff to fax from Electronic Healthcare Record (EHR) applications, Project Management (PM) software, their desktop, from office applications by email, a Customer Relationship Management (CRM) platform and many other applications.

Network faxing eliminates many of the issues that traditional fax machines have in creating secure transmissions:

• Faxes are received electronically, eliminating the problem of inadvertently leaving faxes on the fax machine for anyone to read.

• The process of manual phone dialing is removed, so sending a fax with sensitive information to the wrong fax number is greatly reduced.

• Cover sheets with legal confidentiality statements can be automatically programmed into an electronic fax.

• No longer do faxes have to be scanned before being entered into various storage applications.

• Network faxing software can securely catalog, index and archive faxes automatically – eliminating paper-based storage issues.

• Network faxing, along with electronic archiving, enables easier tracking and retrieval of past faxes – creating an accurate audit trail of every fax.

• Some network faxing software can even monitor all types of communications and even block any information from being sent if this is against regulations or company policies.

GFI FaxMaker is a network fax server software that enables email to fax and fax to email for Exchange and other SMTP servers in a secure, encrypted environment. Faxing protocols make it nearly impossible to intercept a fax in mid-transmission – making it more secure than email. Electronic faxing with FaxMaker makes it easy to access this more secure protocol.

An organization can install the FaxMaker fax service as a physical, on-premise service with a standard fax modem; as a virtual Fax over IP (FoIP) through a gateway or VoIP phone system, or through Hybrid faxing with no equipment but integrated with a cloud-based faxing system.

FaxMaker is not only popular because of its greater transmission security, but also because of its ease of use:

• Users can sign in to the FaxMaker web client, fill in fax content on-screen, add attachments and simply click send.

• FaxMaker allows users to fax directly through an email application. Simply start to compose an email and in the “To:” box enter a fax number with “@faxmaker.com” at the end. Fill out the subject line, add body content and attachments and send.

• Incoming faxes pass through an OCR (optical character recognition) module that makes it possible to search in the fax body. This feature is useful when older faxes have to be retrieved.

• It provides features such as Application Program Interfaces (APIs), Short Message Service (SMS) alerts and digital signatures.

A companion to GFI FaxMaker is GFI Archiver. Businesses have to employ fast, safe and efficient storage software for faxes. Archiving can all be done with GFI Archiver. The system allows for intelligent reporting, and it is already configured to run reports that comply with record confidentiality mandates.