The pandemic ushered in an expanded era of work-from-home that brought with it new and difficult challenges in securing sensitive information belonging to both the enterprise and its customers. Not surprisingly, as the prevalence of working from home increased, so has the number of incidents involving email data breaches, and this has captured the attention of senior IT and business executives alike.
There is a big risk in sending and receiving sensitive information via email. Research conducted by Egress on the use of Office 365 Outlook uncovered some startling statistics among the organizations surveyed:
85% of organizations have had an outbound e-mail data breach in the last 12 months.
67% have seen an increase in incidents over pre-pandemic levels.
The fallout can have dramatic results as 37% of organizations say they have experienced customer churn, and 47% have suffered damage to their reputations. Add to this the amount of time, money, and resources needed to identify and mitigate the exposure, and you quickly gain an appreciation for the sense of urgency experienced by organizations to find a solution.
The research concluded that remote employees are almost twice as likely to accidentally leak data by e-mail with the common causes being:
adding the wrong recipient through Microsoft Outlook autocomplete
attaching the wrong file
not removing data including hidden cells in Microsoft Excel
replying to spear phishing attacks
misuse of BCC
Many organizations mistakenly believe that Data Loss Prevention (DLP) technology alone is the answer. Unfortunately, today’s DLP tools have fallen short of meeting expectations when it comes to protecting sensitive information exposed through email. 100% of leaders responding to the research expressed frustration with traditional static DLP rules:
43% said that static DLP tools require a high level of admin to maintain.
26% said they created friction for their users.
38% of IT leaders resorted to downgrading the rules to make them more workable.
42% said that half of all incidents will not be detected by their static DLP tools. This statistical aspect cannot be over-emphasized. Again, almost half of the respondents said half of email security incidents would not be detected by their current DLP tools.
It’s clear that DLP alone will not solve the problem. Organizations must find a solution to augment their existing DLP tools, but that solution must be simple, user-friendly, and not disrupt existing work processes. User adoption is critical to securing any sensitive information. If a tool is confusing, time-consuming, or cumbersome to use, employees will simply not use it leaving enterprises in no better shape than they were in using DLP alone. Organizations must make it easy for employees to comply with the organization’s data security standards, and any tool must reflect that ease of use.
The timing could not be better for the introduction of a solution like Confidencial. Confidencial changes the way individuals secure information within Microsoft Outlook. At Confidencial, we recognize that bouncing users between applications and cloud providers and forcing them out of their normal work patterns to secure an email is a non-starter, so our solution was built to work seamlessly within Outlook with simple point-and-click functionality. Confidencial delivers in-place data encryption that retains the native Outlook email format and file extension. This is a feature that carries over into our other integrations within Microsoft Office such as Word and Excel. By retaining the document format and extension, users can store and distribute secure emails or documents as they do today without switching to a proprietary application.
But ease of use is only part of the value Confidencial delivers to organizations. Confidencial also provides full-document or selective encryption. Take the example of information you want to share via an email distribution list, but only certain individuals can see specific parts of that information. Today, you would have to create multiple email messages, then cut and paste the information you want each individual to see, then send the emails out one at a time. With Confidencial, not only can you encrypt an entire document for bulk distribution, but also selectively encrypt the portions of the information you want each person to see. A single email, but each recipient can only see the information they are authorized to view. Even if a non-authorized individual is mistakenly added to the distribution list, that person cannot access any of the encrypted information.
Confidencial also provides an observability dashboard that provides detailed document-level information on all encryption and decryption activity that occurs on any secure email sent inside or outside the organization. That information is available with varying levels of granularity and can easily be exported for use in reporting applications.
Confidencial delivers the email security you require, with the user experience you need, and provides detailed tracking information to support your compliance requirements. Here are eight things you will never have to worry about again, once you start using Confidencial to secure sensitive information within Microsoft Outlook 365:
Full Document or Selective Encryption – No need to create multiple versions of a document based on which recipient is authorized to see what information. Confidencial gives you the ability to encrypt an entire document with the click of a button, or selectively encrypt sections of a document to multiple individuals who can only decrypt the information they are authorized to view.
Integrated With Desktop Applications – No need to launch a separate application to secure your information Confidencial is integrated with your common business applications such as Microsoft Outlook, Word, Excel, etc.
Encryption/Decryption Within Your Common Business Applications – No need to move your documents between applications to encrypt/decrypt. All document encryption and decryption occur within your document’s native business application.
Preserves Native Document Format and Extension – Confidencial does not create a proprietary document format or extension. Confidencial preserves the original document format and extension, allowing you to continue to view and edit your documents in their native business applications.
Documents Remain in Their Preferred Storage Locations – No need to upload your documents to a proprietary storage or cloud. Because Confidencial secures your documents within their native business applications and retains their native format and document extension, those documents can remain in their preferred storage locations such as share drives archives and content services platforms.
Distribute Encrypted Documents How You Choose – No need to distribute links to retrieve documents from proprietary storage locations. With Confidencial you can distribute your documents as you do today via e-mail, attachments, collaboration tools such as Microsoft Teams, or via FTP or Virtual Data Rooms.
Observability Dashboard of All Activity – No need to worry if you are meeting your compliance requirements for data privacy. Confidencial’s Observability dashboard provides detailed audit trail information of all encryption and decryption events occurring inside and outside your organization.
Secure Content and Keys – No need to worry if your encryption vendor has access to your keys or your content. Confidential never has access to your keys, and because you maintain your content in the storage location of your choice, Confidencial never has access to your information.
Follow us on LinkedIn and visit www.confidencial.io and try it for FREE.