Signing on the Dotted Cloud
One area where the virtual world of the cloud leads to a sense of discomfort has to do with signing documents and contracts. For centuries, the binding value of an agreement was based on an individuals capacity to sign his or her name at the bottom a visual and permanent testament to a persons consent to the terms of the agreement. Prior to the age of the fax machine, these documents were signed and then transported by courier or mail, but this changed once it became possible to enforce contracts based on a documents own digital facsimile.
Today, in a world where almost everything is accessible instantly via the cloud, the act of physically printing a document in order to sign it, scan it and fax it back seems dated and time-consuming, and to that end a number of online solutions have appeared that allow individuals to append a graphic signature to an electronic document such as a PDF or Microsoft Word file.
Currently the most widely-used online signing tools include Echosign by Adobe Systems, DocuSign, SignNow and HelloSign, although there are many others. In all of these cases, the recipient of a document is prompted to place a signature, initial or date at specific locations on a page, and then save and re-send. Its as simple as that. The signature itself is formed from either a selection of cursive-style fonts from which the signer can choose, a space for the signer to physically scrawl their autograph, or the option to upload a previously-saved image of their own signature.
Naturally the initial resistance that many organizations feel when confronted with this technique has to do with security and legitimacy. After all, how can it be proven that a signature delivered electronically is real?
Each of the major online signing companies explain very clearly on their websites just how security is maintained. First they make mention of their adherence to national and international signing laws such as the Uniform Electronic Transactions Act (UETA) established in 1999, The Electronic Signatures in Global and National Commerce Act (ESIGN) enacted by the U.S. Congress in 2000, and the Canadian privacy law, PIPEDA. These international laws established standards for the legitimacy and legal enforceability of electronic signatures. Furthermore, some of these providers will demonstrate compliance with the information security management system (ISMS) standard ISO27001.
Next, they highlight the actual security features that accompany every single document. An electronic signature represents more than simply a visual graphic; it includes encryption to ensure that the sender is indeed the sender, and backs this up with an extensive digital paper trail and audit process.
And finally the provider takes care to demonstrate the types of clients who have already embraced and benefited from electronic signing, from airlines, engineering and insurance companies through to law firms and even professional athletes, signing multi-million dollar contracts.
As with all things computer-related, the decision to embrace online signing should be made after sufficient research and testing to ensure the the chosen technology is physically useable and acceptable by both internal staff and external clients and suppliers. Decision-makers should be able to understand the difference between an electronic signature, as provided by online document signing suppliers, and a digital signature, which is a certificate-based user ID often used for access to databases or in smart cards. For contracts and other paperwork that requires agreements between people, the electronic signature is sufficient, legal and enforceable.
With the cloud becoming the centrepiece of business, and with the adoption of mobile devices and BYOD as standard practice, the concept of keeping crucial documents in a centrally accessible, secure and auditable zone makes more sense than ever before. As with many innovations before it, its relative novelty and the very human sense of fear and mistrust that accompanies change will spur decision-makers to do their homework before embracing this technology, and in so doing will help ensure its safe and practical relevance.
The bottom line literally in this case is that signatures made online can actually be more secure than any action short of signing in person in front of witnesses. It actually offers a greater degree of safety than a faxed document, and one need only think of the numerous times people leave their signatures lying around, such as when signing credit card slips, signing for courier deliveries, or forgetting original documents at the photocopier, to realize the types of dangers that online signing actually removes from todays high-speed business world.
By Steve Prentice
- The DDoS That Came Through IoT: A New Era For Cyber Crime - October 13, 2016
- Ransomware’s Great Lessons - September 28, 2016
- IoT: Connected Manufacturing Leads To Service as a Product - March 9, 2016
- The Lurking Threat Called Passivity - February 22, 2016
- Security: The Goodwill Virus That Keeps On Giving - February 11, 2016