Email data loss prevention

DLP has failed you – and here’s what you need to do now

Data loss prevention (DLP) solutions have failed.

As the CEO of a security company, I don’t say this lightly – but it’s an important truth that we need to accept:

Legacy DLP solutions have failed to stop data breaches from happening.

Why? Because they simply can’t cater to the changes that have happened over the last decade to the way sensitive data is created, stored and (most importantly) shared. These changes have introduced new risks that it’s impossible to properly mitigate using older, static DLP solutions. That’s because these solutions take a binary approach to protecting data.

Let’s use email security as an example. Traditional DLP tools can scan a message’s body and attachments for policy keywords, and then trigger actions based on whether or not these keywords are present – for example, they can block emails from being sent or apply email encryption. But the emails are only ever one of two things: sent or unsent; encrypted or unencrypted. There’s no grey areas and no room for context. The DLP tool only has its policy library to work from. These rules are only as good as the people updating them – and, more importantly, they cannot understand the relationships and interactions taking place.

So, you can have a DLP rule that allows Alice in Company A to send emails to Company B, and you can even set a policy to detect and encrypt based on keywords contained in the emails.

But none of this helps if Alice has accidentally emailed the wrong Bob at Company B!

The DLP rules don’t specify which Bob it is that Alice is meant to be emailing with what data (and no company has the resource to manually maintain such granular rules).

But why does this matter?

We’re creating and sharing more digital data than ever before. Conservative estimates put the growth in unstructured data records at 55 – 65% per year, and its predicted that by 2024, 80% of organisations’ data will be unstructured. These estimates don’t take into consideration the impact of the COVID-19 pandemic, which has accelerated digital transformation for all organisations as social distancing requires they provide digital communication mechanisms in place of face-to-face interactions and reliance on physical data sharing. And let’s face it, we all know we won’t be going back to the old ways of working post-pandemic; we won’t suddenly remove the new digital communication mechanism, and more people will work remotely/flexibly compared to pre-pandemic levels.

Email remains the primary mechanism for organisations when communicating digital data – and this reliance on email has only increased in 2020, with organisations experience an average 50% uptick in email traffic due to digital working.

88% of data breaches are caused by human error – and we know that static DLP solutions aren’t intelligent enough to spot and stop the most common of these errors, such as adding the wrong recipient to an email.

So all that extra data we’re creating and sharing is at significant risk of a breach – an incident that will come with implications for organisations’ bottom lines and their reputations.

Human layer security needs become your alternative to static DLP

If we go back to the crux of the problem with traditional DLP solutions: they are simply unable to understand human interactions and behaviour to spot when something abnormal is happening.

But there is an alternative – and it’s one you need to examine today to prevent your breaches of tomorrow.

It’s a new category of technology called ‘human layer security’ leveraging contextual machine learning technology to provide advanced DLP. Because it’s built using intelligent technology, human layer security is able to deeply understand an individual user’s behaviour and their relationships. It understands that Alice in Company A normally sends medical records to Bob 1 in Company B, not Bob 2 – so the day autocomplete gets the better of Alice and she adds the wrong Bob to an email containing this data, the advance DLP alerts her to the mistake – preventing the breach before it happens in a way that’s never been possible with static DLP. Not only does this have the benefit of providing a personal safety net to each employee at that granular level you couldn’t previously achieve, the technology will learn over time and adapt to changes in the way that an individual works, without requiring admin intervention to update policies. Plus, with no click fatigue from constant prompts, it’s a usability win-win for users as well.

Data has changed – and your data security needs to change with it or run the risk of employees causing data breaches every day when simply trying to do their jobs.

If you’d like to find out more about the Egress platform, please get in touch today.