Email data loss prevention

How to securely send and open confidential email

by Egress
Published on 5th May 2021

Misdirected email is one of the biggest data security threats facing businesses today. So how can we send confidential email with the peace of mind that a mistake won’t result in a data breach? Thankfully, there’s an easier and more intelligent way than triple-checking every part of every email we send, or relying on outdated, rigid traditional DLP solutions.

Egress Intelligent Email Security works by securing confidential email in three key stages: prevention, protection, and investigation. We’ll walk you through the three stages sharing your data without risk.

Prevent mistakes

Imagine someone within your finance team wants to send an email containing an attachment with sensitive financial data to a client organisation. However, the client has requested that the file be sent to a new joiner within their team.

The first step is to prevent any mistakes that could lead to the email being misdirected or sent with the wrong attachment. Your employees could do this manually through multiple checks, but it can become time-intensive and some mistakes may still slip through. The best solution is to prevent mistakes entirely using machine learning.

Egress Prevent works silently in the background, analysing each individual user’s behaviour and work patterns. That means it’s able to detect context-driven incidents such as autocorrect selecting the wrong address, an incorrect file being attached, or failure to use Bcc.

In our example, Prevent would analyse the contents of the email and attachment. It would see that the employee is sending financial information to someone they don’t normally work with. The employee would then be alerted to this and asked if they’re sure they want to proceed.  

Protect through encryption

Next, we want to ensure that the confidential email is secured in transit between the two organisations. Email encryption makes sure only the intended recipient is able to read the message. Egress Protect offers your organisation the option for secure email encryption at both the desktop or the email gateway, and control access to messages in shared mailboxes.

Its intelligent technology is able to offer security in proportion to the level of risk, allowing you to encrypt emails and attachments in transit and at rest, and add multi-factor authentication and policy controls for additional security. For our example email in the previous section, a higher level of security might be applied as it contains sensitive data and is going to a new external recipient.

However, we don’t want a situation where a recipient has to authenticate themselves every time they receive an email. Trusted recipients can authenticate seamlessly to access Egress encrypted emails, with account log-in or multi-factor authentication required when the risk is higher.

Far-reaching audit logs and message restrictions maintain your control of shared information, while full revocation capabilities give you additional security by fixing mistakes and preventing a breach. This lets you control how recipients can use your shared data, revoking access or changing access permissions in real time.