Email data loss prevention

Keeping email productive and safe from data loss

by Egress
Published on 2nd Mar 2021

Everyone likes to feel productive. It feels good to be in the right flow and watch your to-do list start to shrink. However, even when people are in a good mood and working well, mistakes can creep in – especially when it comes to sharing data.

For employers, it’s about trying to find a balance between helping their workers keep that productive feeling, while keeping sensitive data secure too.

Email is the go-to communication channel for productivity

In our 2021 Data Loss Prevention Report, we asked remote workers how the ways they communicate have changed since they started working remotely. Unsurprisingly, all digital channels are being used more since the pandemic started. We’d seen a marked rise in video-calling (+75%) and messaging apps, such as WhatsApp (+52%).

Email was out in front though, with 85% of remote workers sending more emails than before. The survey data showed this was mainly down to how people felt while using email and its versatility to help them get their jobs done. 46% told us that they felt most productive when emailing – and 80% trusted it to share sensitive data.

This could be down to the fact that email gives people the chance to digest information in their own time, then write out a considered response through a familiar channel. It also provides a way to share and get responses on file attachments. It contrasts with channels such as video-calling where people have to think on their feet and may be less familiar with.

Despite being familiar and easy-to-use for workers, email is far from perfect when it comes to data loss. And when emails are misdirected on a regular basis, productivity takes a major hit.

How does misdirected email impact productivity?

Sending a misdirected email wastes time in the obvious way for the sender. When a plaintext email has been misdirected, they’ll need to apologise, ask the recipient to delete any sensitive information, and then resend the email to the person they actually meant it to go to.

Unfortunately, this inconvenience is minor compared to the wider productivity impact data loss can have on an organisation, particularly for those remediating a breach of sensitive data. On average, an email data breach takes around 60 hours to resolve, and draws personnel from all parts of the business, not just from your Security team. 

We also found that 83% of organizations had experienced a data breach from email and in our research at the end of 2020, we discovered these happen on average every 12 working hours – which adds up to a lot of wasted time! When you factor in the potential financial penalties from falling foul of data regulations and client churn, that’s a lot of money and man-hours that could have been better spent elsewhere.

Legacy email DLP approaches are unproductive

Email DLP tools are supposed to help keep employees productive. They’re meant to take the headache of data loss via email away from IT leaders without making life difficult for employees. However, survey data from the 2021 DLP Report showed that this was anything but the case when it comes to traditional email DLP tools.

Of the 79% of IT leaders who use static email DLP tools, an incredible 100% of them were frustrated with them! IT leaders told us that static DLP tools created user friction and required a high level of admin to maintain. 37% had even resorted to manually altering the rules to make them more usable for their colleagues.

Traditional email DLP often ends up doing the opposite of what it’s meant to. When users are prompted too many times, or interrupted during non-risky actions, productivity is negatively impacted. This also leads to more breaches, as users experience click-fatigue and end up clicking through prompts even when the static rules do catch a potential breach.

The productive solution? Intelligent security.

Egress Intelligent Email Security uses contextual machine learning to understand and learn from each individual user’s behavior. It can tell when a user is doing something that could result in data loss, rather than simply prompting at multiple checkpoints every time they send an email.

Intelligent DLP detects context-driven incidents such as an employee selecting the wrong recipient, attaching the wrong file, or failing to use Bcc. It alerts users to mistakes in real time as they’re happening, and automatically applies the right encryption levels.

This allows organisations to strike the perfect balance of keeping their workers productive while staying secure. Egress Intelligent Email Security ensures the right data gets to the right recipients, with the correct level of security applied – without productivity being impacted.

Related articles