The business world has become increasingly digital, and e-mail is the most prevalent means of communication in many organisations. While e-mail offers many benefits, such as improved efficiency and overall productivity, it can also prove to be the single biggest point of risk when it comes to information security, says Simeon Tassev, director of Galix, reseller of Mimecast Solutions in South Africa.
Not only can e-mail open organisations up to vulnerabilities such as theft of Intellectual Property (IP) and other confidential or sensitive information, e-mail security is now part and parcel of compliance to regulations such as the Protection of Personal Information (PoPI) Act. Data leak prevention technology is therefore essential for securing e-mail communication.
While e-mail has provided many benefits in the form of convenience and improved productivity, it is also often an unseen challenge for organisations. Users have become increasingly comfortable with e-mail as a means of communication that they may unintentionally engage in risky data practices. Take for example credit card information. This should never be e-mailed, because e-mail is not a secure communication method and can be hacked, leading to theft of this confidential data that could otherwise be prevented. Often, information of significant value, including personal details, is sent via e-mail, which can have serious repercussions for organisations if this data is breached.
Data leak prevention is therefore an essential component of e-mail security, including rules and policies as well as supporting technology. Data leak prevention technology for e-mail helps organisations to control what data goes out of the organisation. It works by flagging e-mails that are potentially in breach of policy to stop this information from leaving the organisation or falling into the wrong hands, either intentionally or unintentionally. However, in order to create these flags, the technology first needs to be able to identify e-mails that are potentially risky.
Comprehensive policies must be developed to guide the technology, as part of an overall data protection strategy. This in turn requires that organisations firstly understand their data, what data they are trying to protect, and the ways in which it might find its way out of the organisation. While e-mail is the most common culprit, there are other methods of data leakage, from sophisticated hacks to simple methods such as copying information onto a memory stick and walking out of the office with it. Data protection strategies need to classify and define data leakage risks specific to an organisation, with e-mail security top of mind.
With effective policies and rules in place, data leak prevention technology can scan all incoming and outgoing information for a number of pre-identified triggers. This may include keywords, phrases or other references, which need to be built into the definitions for data leak prevention. These definitions are then applied to users, and provide instructions for the system as to what actions to take should the e-mail be flagged. This could include capturing the mail to prevent its release, notifying the individual or a manager for a decision on release, or, if the information contained is highly confidential, the e-mail can be deleted or redirected as required. Rules and policies also need to be constantly adapted and refined, in order to ensure they remain relevant and continue to fit the business and its requirements. The aim of data leak prevention is not to generate masses of false positives, but to narrow in as closely as possible on only those e-mails that are in breach of policy.
When looking for a data leak prevention solution for e-mail, organisations should first and foremost identify a solution that will enable them to create a complete chain of custody or audit trail of the e-mail information. This requires a solution that consolidates all of the necessary channels into a single, integrated platform. The complete audit trail will show exactly what actions were taken by data leak prevention, where e-mail was sent from and to, and more. In addition, organisations should look for flexibility and the ability to define custom policies as required by their individual business. Further features to look for include the ability to encrypt sensitive documents on the fly, preventing data leakage without blocking the e-mail, but by putting additional controls in place.
Ultimately, e-mail is an essential business tool that is in widespread use for corporate communication both internally and externally. While people are often to blame for data leakage, it is impossible to entirely control on a human level. Thus, data leak prevention technology is critical to help businesses control the flow of confidential information and prevent sensitive data from falling into the wrong hands, either accidentally or intentionally.