Cybersecurity professionals tend to lose sleep over hackers from every corner of the globe who try to steal data and disrupt business operations. However, insider threats have also become a growing problem. And those threats that exist right under your nose are difficult to detect and costly to manage.
Research from the Ponemon Institute found that the average cost of an insider-related security incident in North America was $11.01 million. For organizations with fewer than 500 employees, the average cost was $1.8 million. These incidents took an average of more than two months to contain.
Keep in mind that insider threats aren’t limited to disgruntled employees with an axe to grind. More often than not, sensitive data is unintentionally leaked. Negligence is responsible for nearly two-thirds of insider incidents, while malicious insiders are responsible for just 23 percent.
Email is often the vector for these issues because it is so widely used to disseminate information. More than 60 percent of employees share sensitive data via email, and mistakes happen. Data breaches can be caused by accidentally sending documents to the wrong recipient or something as simple as a hidden column in a spreadsheet that contains a customer’s credit card number.
Data loss prevention (DLP) can play an important role in minimizing the risk of accidental data exposure via email and has evolved to become highly efficient. Legacy DLP solutions would typically automate the monitoring and blocking of email, but IT would be responsible for manually investigating and deleting potentially harmful emails. This approach is not only slow, but it can hamper productivity by preventing the exchange of legitimate emails.
Modern DLP solutions automatically scan every outgoing email and take action before the message leaves the sender’s outbox. If sensitive data is detected, the DLP solution can pop up a warning to the sender, automatically encrypt the content, remove email attachments, send a notification to a manager with a copy of the email, or add text to the email, such as a legal disclaimer. Whatever action is taken, the email is still delivered to allow for ongoing collaboration.
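The outbound scan described above, as an added example that is not from the original article or from any DLP product: it checks the body and text attachments of an outgoing message for Luhn-valid payment card numbers, strips a flagged attachment, and leaves the rest of the message deliverable. The action names, addresses and sample message are constructed for illustration, and a CSV export stands in for the spreadsheet with the hidden column.

```python
import re
from email.message import EmailMessage

# 13-19 digits, optionally separated by single spaces or hyphens.
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

def luhn_ok(digits):
    """Luhn checksum: filters out order numbers and other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def find_pans(text):
    """Return Luhn-valid card-number candidates found in text, digits only."""
    cands = (re.sub(r"\D", "", m.group()) for m in PAN_RE.finditer(text))
    return [c for c in cands if luhn_ok(c)]

def apply_policy(msg):
    """Scan body and text attachments; return the list of actions taken.
    The message is modified in place and is always still deliverable."""
    actions = []
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and find_pans(body.get_content()):
        actions += ["warn_sender", "encrypt_body"]  # decisions only, no crypto here
    flagged = [p for p in msg.iter_attachments()
               if p.get_content_maintype() == "text" and find_pans(p.get_content())]
    if flagged:
        # Drop only the flagged parts; body and clean attachments stay.
        msg.set_payload([p for p in msg.get_payload() if p not in flagged])
        actions += [f"strip_attachment:{p.get_filename()}" for p in flagged]
        actions.append("notify_manager")
    return actions

def sample_message():
    """Constructed sample: clean body, CSV export with a forgotten card column."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "alice@example.com", "vendor@example.net"
    msg["Subject"] = "Q3 customer list"
    # The order reference looks like a card number but fails the Luhn check.
    msg.set_content("Hi, list attached. Order ref 1234 5678 9012 3456.")
    msg.add_attachment("name,card\nBob,4111-1111-1111-1111\n",
                       subtype="csv", filename="customers.csv")
    msg.add_attachment("Agenda: renewals, pricing\n", filename="agenda.txt")
    return msg
```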
To set up a DLP solution, start by identifying the departments and users that frequently work with sensitive data. Establish policies that explain how different categories of data should be handled, who is authorized to share and view that data, and the triggers for activating protective measures. Finally, develop a formal training program in security best practices to reduce human error and ensure that the proper procedures are followed when security alerts are received.
Email-based DLP not only reduces the risk of a data breach but also can prevent regulatory compliance violations. For example, if an employee accidentally emails a customer’s credit card information to an unsecured environment, your organization might be in violation of the Payment Card Industry Data Security Standard. That means you have to go through the process of alerting those affected, correcting the problem, validating that the problem has been corrected, and paying any penalties for noncompliance. However, if the credit card information is encrypted or removed, you’ve avoided this compliance headache.
SSD provides email-based DLP as part of the SSD Assurance managed services program. Let us show you how we can set up, monitor and manage an email-based DLP solution that protects your sensitive data without affecting productivity and collaboration.