Evolving Email: Why we invested in ZIVVER
Email: The necessary evil
Email has established an unassailable position as the principal channel for all business communication. It also doubles up as the OS and the system of record — we manage tasks and arrange meetings via email, and we archive or at the very least keep all our messages, “just in case”. An yet, email is far from perfect: not only is it the primary business communications tool, it is also the primary vector of attack and means of data leakage.
Many studies point to human error as the main cause of email security breaches. The vast majority of users responsible for a data leak are not malicious cyber pirates — much more likely, they accidentally sent a sensitive email to the wrong person because they were not paying attention to the addressee field, or they fell victim to a phishing attack, or they could not email a large attachment to someone and so resorted to a third-party file-sharing site. The real problem is that email — the main tool that people use to do their job — was built with neither the modern workplace nor security in mind. Email places an unreasonable burden of responsibility on the end user not to make mistakes, and its technical limitations push people towards unsecure behaviour.
But email is not going away. With 5 billion email addresses worldwide, all in the hands of humans, what is needed is something that allows users to communicate securely and yet in a way that is as intuitive, easy and familiar as email. “Secure technology” and encryption are only part of the answer: it is also vitally important to factor humans into the design from the outset, in order to minimise their chances of making a mistake or taking a security risk — a crime that people commit simply in order to get their job done.
Email 2.0: ZIVVER
In ZIVVER, we believe we have found a company that will be the leader in the evolution of business email, and so we are proud to be partnering with DN Capital and existing investor HenQ to lead the $12m Series A. So what is ZIVVER? Far more than a simple check of the addressee field, ZIVVER is a full-stack communications platform that allows one to email, chat and share large files, all in a secure fashion and with very little disruption to the end user.
While you are composing an email, ZIVVER’s machine-aided software scans the address fields, body and attachments, flagging any unusual behaviour patterns: social security numbers being sent to a new Gmail address or a “Confidential Memo” en route to your mother. The checks occur in real time, providing not only safety but also educating the end user about good practice — should you really be sending that document by email? These ongoing nudges are a highly effective way of building security awareness — and certainly much better than a dreary annual training session where everyone falls asleep anyway.
What also makes ZIVVER different is that, rather than just telling you that you are about to do something stupid or naughty, it actually offers you a solution. Simply by moving a slider in your Outlook window, you can switch over to secure email. Behind the scenes, you are in fact changing the messaging protocol from email to ZIVVER’s secure system, which is connected to your email client frontend via an API. In transit, your email is protected with ISO-certified asymmetric encryption. Still made a mistake? Not a problem! After you hit “send”, ZIVVER will let you know whether your message has been read and will help you retrieve it.
What about the recipient? Historically, the problem with encrypted email has been that it is clunky for the other party to access, requiring creation of new accounts or installation of new apps. Faced with many obstacles to open one email, many give up (yes, I am talking to you, Westminster Council). With ZIVVER, things are much easier. If the recipient has a ZIVVER account, the secure message automatically decrypts and just lands in their regular email inbox. If they do not, they can access the message without creating a ZIVVER account and reply directly. If you need that extra layer of security, you can simply add 2-factor authentication at a click of a button. It is seamless.
A true communications platform, ZIVVER has you covered for all use cases, including oversized attachments. No need to revert to dubious behaviour — like upload your large file to WeTransfer or copy to a USB stick — or else resort to archaic technologies like fax. ZIVVER allows you to securely send files up to 5TB — that is 100,000x greater than the limit with normal email. Large files are not a whim for many an industry. For hospitals sending sensitive and frequently time critical medical images to patients, this functionality is truly transformative.
Add to to all of the above an analytics dashboard reporting on the entirety of your organisation, and here you have a bullet-proof, enterprise grade tool. ZIVVER’s product is what makes it unique: it is technologically superior, it is intuitive and it empowers and educates users to behave securely. Most importantly, from the end user’s perspective it looks and behaves just like email — only better.
The journey so far
Founded in Amsterdam in 2015, ZIVVER has quietly grown to become the #1 form of secure communication for Dutch healthcare and government professionals, with 1,000 users contracted since early 2017. Its exceptional team has seen the problem firsthand, having for years consulted hospitals and healthcare organisations, before deciding to build the product that the market lacked so direly themselves.
It is easy to see the need for a tool like ZIVVER in a hospital that has access to a broad array of personal data, from medical history to insurance policies. We believe that in the healthcare sector alone, the opportunity is huge. An average US hospital accumulates 50 petabytes of data. As datasets grow and patient records become increasingly digital, sharing data in a secure fashion is critical. Last year, the problem hit close to home — the biggest ever NHS data loss led to 850,000 pieces of sensitive, personal paperwork going “astray”.
But healthcare professionals are not alone in their bid to communicate securely: countless other white-collar services, from education to finance, have similar requirements. In the European context, the pain point is ever more acute given the GDPR requirements. Only 21% of UK organisations consider themselves to be GDPR-ready, despite the data protection law having come into force on 25 May. Secure email is no longer a ‘nice to have’ but an absolute must, required by the regulators.
So here is to making email great again!