I used to work at a retail store not even ten years ago, and we would submit delivery orders via fax. It’s weird until you realize they’re great for reliability and record-keeping. No batteries needed, totally existing infrastructure, kinda fun to use tbh.
They are fairly insecure in practice, since they are throwing the data at misdialed numbers and they are frequently placed in shared and insecure locations in the building where lots of people can access whatever comes through.
Sure. But as someone who used to work IT with a focus on cybersecurity, physical access to anything trumps everything else, and people who put fax machines in insecure locations will also put email servers or whatever in them. Also throwing data at misdialed numbers is a tiny threat because the odds of transposing a number or whatever and also getting a fax machine are pretty tiny.
Although the guy above you was just talking about how he works in the industry and they mostly do efax now, which… Iono how that’s supposed to be more secure than just email or whatever. I guess if you’re sending to physical machines it’s more secure on that end, but if the senders are using efax some of the receivers prolly are too, at which point we’ve lost the whole point of using fax machines.
As someone who directly manages faxing in the company i work for, yup! In Healthcare and we send out results to doctors and hospitals through faxing all day every day. We have mostly converted to electronic fax. We still control the servers on prem but the account is linked to a cloud solution so all the faxes are created with the servers and instead of using our own telephony solution like we used to, we send directly over internet to the provider who then sends out to the clients at the last leg. Hundreds of thousands of pages every month. From my understanding, it’s still the easiest solution to get away with not having to implement some new system that will be subjected to audits. Faxes are accepted, and little is required to show for compliance.
Interesting, how is eFax any more secure than email? The advantage of fax is it’s one machine to one machine, no possibility of interception without physically tapping the POTS line.
It’s not. Information is secure at rest and encrypted during transfer, but once it reaches the part where it is sent over voip using a telecom provider, it has the same issues as it always did. We use it because its the best way to send this many faxes, as well as automate things using our internal applications to send faxes through it as well as other applications that we leverage its API to use the service. One advantage that makes it semi more secure is if we send a fax to another client that also uses the same service as we are then then it’s actually a secure stream for the entire path.
They’re common in the US too in doctors offices and hospitals because of the security requirements of transmitting patient records and such.
I used to work at a retail store not even ten years ago, and we would submit delivery orders via fax. It’s weird until you realize they’re great for reliability and record-keeping. No batteries needed, totally existing infrastructure, kinda fun to use tbh.
Legally defined as secure, not actually secure.
They are fairly insecure in practice, since they are throwing the data at misdialed numbers and they are frequently placed in shared and insecure locations in the building where lots of people can access whatever comes through.
In the US they cannot be in “insecure locations” legally. And sending HIPAA materials to the wrong number is a reportable offense.
Sure. But as someone who used to work IT with a focus on cybersecurity, physical access to anything trumps everything else, and people who put fax machines in insecure locations will also put email servers or whatever in them. Also throwing data at misdialed numbers is a tiny threat because the odds of transposing a number or whatever and also getting a fax machine are pretty tiny.
Although the guy above you was just talking about how he works in the industry and they mostly do efax now, which… Iono how that’s supposed to be more secure than just email or whatever. I guess if you’re sending to physical machines it’s more secure on that end, but if the senders are using efax some of the receivers prolly are too, at which point we’ve lost the whole point of using fax machines.
As someone who directly manages faxing in the company i work for, yup! In Healthcare and we send out results to doctors and hospitals through faxing all day every day. We have mostly converted to electronic fax. We still control the servers on prem but the account is linked to a cloud solution so all the faxes are created with the servers and instead of using our own telephony solution like we used to, we send directly over internet to the provider who then sends out to the clients at the last leg. Hundreds of thousands of pages every month. From my understanding, it’s still the easiest solution to get away with not having to implement some new system that will be subjected to audits. Faxes are accepted, and little is required to show for compliance.
Interesting, how is eFax any more secure than email? The advantage of fax is it’s one machine to one machine, no possibility of interception without physically tapping the POTS line.
It’s not. Information is secure at rest and encrypted during transfer, but once it reaches the part where it is sent over voip using a telecom provider, it has the same issues as it always did. We use it because its the best way to send this many faxes, as well as automate things using our internal applications to send faxes through it as well as other applications that we leverage its API to use the service. One advantage that makes it semi more secure is if we send a fax to another client that also uses the same service as we are then then it’s actually a secure stream for the entire path.