Picture this. Someone within your organization is working on a document, spreadsheet or presentation which contains data on employees. They feel stymied on a formatting issue. The pressure of a pending deadline mounts, so they reach out to their spouse for help and email an attachment containing employee data. The moment the ‘send’ button is hit employee data within the document or spreadsheet has been inadvertently exposed. As a result, your company or organization may face breach disclosure requirements, regulatory fines, ancillary social engineering and phishing attacks, and in the event of perceived damages, legal and settlement costs.
As food for thought, create similar email scenarios, except replace the formatting issue with a wrong attachment or a wrong distribution list. Multiply these by the number of employees in your organization, and you have a simple measure that equates to tangible business risks and ones that are often overlooked.
To identify innocuous emails that have tangible impacts, look no further than one of the world’s largest aerospace organizations. A recent innocent email scenario created email turbulence at Boeing
. Bottom line, the exposure of thirty-six thousand employee records led to media attention, employee disclosure and costs which could have been avoided.
Regardless of the situation, the fact is with a mere click of a mouse an employee can expose your organization to a range of risks. When customer, payment, employee, intellectual property and other intangible data assets are exposed, your organization faces costs which likely could have been prevented. While the underlying cause of the problem can range from uninformed mistakes to malicious intent, automatic data loss prevention is an effective measure to avoid email turbulence. Simply put, protecting your data and avoiding needless headlines while keeping regulatory compliance and peace of mind are well within your grasp.
To protect sensitive data from improperly leaving your network, prudent organizations use data loss prevention to apply content filters and rules which identify sensitive data and prevent distribution. In the event distribution is approved, both the transport of the email and the content can be encrypted to ensure sensitive information is secured. This approach prevents prying eyes from accessing the email. Ideally this approach is applied using a convenient user experience and is device agnostic to make adoption hassle-free for you, your employees, and your customers and partners.
The benefits: inadvertent email mistakes are no longer a source of risk or employee concern, and unexpected costs and impacts are avoided. To learn more, read our ebook, “The Value of Email DLP.”