▼ Security software cannot detect viruses in attachments.Ĭurrently, many security software programs automatically scan email attachments for viruses. If the first email with the attachment is accessible, the second email with the password will be equally compromised. There is little point in sending a password-protected zip file and the password in separate emails if hackers can access the email system. ▼ Sending encrypted zip and password separately by email provides limited protection. However, why is PPAP considered dangerous, and why is there a growing trend to abolish it? Below are five reasons: (*2) In response, the Japan Institute for Promotion of Digital Economy and Community (JIPDEC), which operates the Privacy Mark system, has also officially announced the organization has never endorsed PPAP. Why is PPAP dangerous? Why is it being abolished by the Japanese government?Īs mentioned at the beginning of this article, the Cabinet Office has decided to abolish the use of PPAP. As a result, the use of PPAP in Japan has remained unchanged to this day.
However, faxing or sending paper documents became too cumbersome, so it was gradually decided that passwords could also be sent by email, simplifying the method. The above method was thought to be useful in becoming a Privacy Mark certified entity and spread rapidly in Japan. The origins of this practice can be traced back to the early days when email was first used for business purposes, and this method of sending password-encrypted zipped files by email and then providing the password through another channel (fax, paper document, etc.) was developed as a security measure. PPAP is widely used in Japanese companies, and in many cases, its use is even an official company security policy. It is not clear why PPAP has become so popular in Japan, but it seems to be one of the unique business practices that have developed in Japan. While PPAP is a common security measure in Japanese companies, in fact, it is rarely seen overseas where password-protected zip files tend to be viewed suspiciously and treated as potential virus vectors. The abbreviation "PPAP" was coined by IT consultant, Akira Ootaishi, and comes from the following terms (*1):ĭo other countries use PPAP, or is it only used in Japan? As a part of security measures, this method is used by many companies and organizations, as well as government agencies in Japan. PPAP refers to the process of sending an encrypted file (with password) attachment in an email and then sending the password to unzip the file in a second email. In today’s article, we will provide an overview of PPAP, its problems, and safe alternatives. In November 2020, the Japanese government's Minister of Digital Transformation, Takuya Hirai, announced that the Cabinet Office would discontinue the use of password-protected zip file email attachments (PPAP) for security reasons.
0 kommentar(er)
