Email data loss prevention

Five ways data is lost via email

by Egress
Published on 29th Mar 2021

Email data leaks have far-reaching consequences in 2021 – and regulations around sensitive data are likely to tighten further. So what should you be looking out for in your organisation? Here are the five ways data is being lost by employees on a daily basis throughout the world.  

1. Accidental sharing

We’ve all made a mistake on email (some of us have made more than a few!). And everyone knows it’s much easier to make mistakes when you’re stressed or tired. Findings from our 2020 Outbound Email Report backed this up by showing 37% of email data breaches come from stressed out and tired employees.

IT leaders also told us in the 2021 Data Loss Prevention (DLP) Report that ‘sharing in error’ was responsible for 24% of the serious incidents their organisation had experienced. When we asked CISOs how email use puts their data at risk, accidental sharing was a common response:

  • Selecting the wrong recipient (80%)
  • Attaching the wrong file (80%)
  • Failure to use Bcc (75%)

Perhaps the most frustrating thing about misdirecting an email is that it’s a mistake we’re often nudged towards. When we’re working on autopilot, it’s easy to simply trust autocomplete to fill in the right address or find the right file, but it pays to be wary. Especially when working with people or organisations with similar names!

2. Deliberate risky behaviour

Organisations can give all the cybersecurity training in the world but some people will still break the rules. In this form of email data loss, people aren’t maliciously leaking data, although they are willingly acting in a way that makes data loss more likely. They might simply be cutting corners or breaking rules in order to save time or hassle.

Our DLP Report found that 100% of IT leaders using traditional email DLP tools were frustrated by them. One of the main causes of frustration is that they create user friction with unnecessary prompts and warnings – that ‘click-fatigued’ employees will skip and ignore or find workarounds for. This shows the value of intelligent, context-driven DLP that can unobtrusively adapt to a user’s individual behaviour.

People might be bypassing unwieldy traditional email security to boost their productivity, but they’re still risking a data breach. In our 2020 Outbound Email Report, CISOs told us that 19% of breaches were from breaking the rules and not following processes while working remotely. They also revealed that 46% of employees received a formal warning for causing an email data breach – and in 27% of cases they were fired.

3. Exfiltration

Some people are careless by accident and some are deliberately reckless. However for others, leaking data was the plan all along. The DLP Report showed that 23% of IT leaders believed employees taking data with them when they leave a job was the most common contributing factor to email data loss.

People may not be doing this with bad intentions. While emailing yourself a few files that might be useful in the next role might seem innocent enough, it’s still a data breach. Depending on the sensitivity of the data, it could be illegal too. And in a worst-case scenario for organisations, data exfiltration can be deliberately malicious.

A disgruntled ex-employee may choose to share information to damage a business’ reputation as a form of revenge. Or they may choose to sell data to a malicious third party – sensitive data fetches a high price from certain buyers. When we asked CISOs ‘what kept them up at night’ in the Outbound Email Report, 20% said employees deliberately exfiltrating data.

4. Phishing

The first three causes of email data loss we’ve covered all fall squarely under the umbrella of ‘insider risk’, where people with internal access to a business (accidentally or deliberately) leak data. But there are plenty of external threats too, especially when it comes to phishing, which leverages a company’s employees against itself.

Phishing remains a major threat to businesses. 79% of the surveyed IT leaders in the DLP Report told us that their data had been put at risk by phishing in at least one way over the last 12 months. It’s something a lot of people think they’ll never fall for, and this overconfidence plays a role in them ultimately being caught out.

It’s true that some phishing is visible from a mile away and will have even remotely tech-savvy people rolling their eyes at it. However it can also be highly sophisticated, and you might be surprised how it could catch you out – especially if you’re rushing, tired, or stressed.

5. ‘Fat fingers’

This can be a factor in all of the above, but it’s so prevalent we decided it warranted its own section! ‘Fat fingers’ refers to the mistakes we make through accidental presses on a small screen. Everyone knows it's easier to work from a desktop with a mouse, keyboard, and dual screen setup.

However, we’re willing to make a trade off in terms of the convenience mobile devices offer. This isn’t good news for data loss via email. Our DLP Report found that 67% of IT leaders believe workers are more likely to make a mistake when using a mobile device.

It’s harder to accurately select things on smaller screens, and you lose the ability to hover over links and addresses to check for obvious signs of phishing. With more people working remotely from personal devices, it’s important that email DLP is optimised for mobile.

The solution?

All five reasons we’ve looked at have one thing in common – human actions. Whether deliberate or accidental, data loss via email always starts with a click. That’s why the solution is human layer security.

Egress Intelligent Email Security uses machine learning to adapt to human behaviour. This means it can understand the nuances of context-driven incidents, keeping your data safe from ‘fat-fingered’ mistakes, reckless behaviour, and everything in between.

Related articles

Dataexfiltrationexplained550x300

Data exfiltration: What you need to know

Data exfiltration can happen in a few ways - but the outcome is often serious for a business. Here's what you need to know. 
Byod2555x300

BYOD security explained

BYOD stands for “bring your own device” and can be defined as employees utilizing personal devices for work purposes. The best, and most common, example of this is using a personal cell phone to read and reply to work emails. BYOD security is the process of securing this new device landscape.
Credit Card 555X300

The importance of email DLP in financial services

Financial services is a tightly regulated industry where trust is key - which makes email DLP vital.  
Roll The Dice 365X325

Accidentally sent a confidential email to the wrong address? Here’s what to do

We've all sent a confidential email to the wrong person... find out what you can do right now, and how you can prevent mistakes in the future.