Email data loss prevention

What is email DLP and why do I need it?

Understand email DLP and discover the benefits it could bring to your business.
by Egress
Published on 29th Mar 2021

‘DLP’ stands for data loss prevention. In theory, a DLP tool does what it says on the tin – it prevents sensitive data from leaking out of your business. Email DLP focuses on (you’ve guessed it!) email, the number one business communication tool and one of your biggest sources of risk.

How common is data loss via email?

Research shows that employees leak sensitive data via email every 12 working hours. They can do it accidentally through mistakes such as misdirecting an email, attaching the wrong file, or forgetting to use Bcc. Some people will also act recklessly, deliberately ignoring best practices, company processes, and training if they feel these hamper their productivity. Then, at the far end of the scale, you have employees who deliberately (and sometimes maliciously) exfiltrate data to their personal accounts.

Email has been around for a relatively long time, and workers feel comfortable and productive using it. Since so many businesses turned to remote working in 2020, its popularity has increased even further. We surveyed 3,000 remote workers in our 2021 Data Loss Prevention (DLP) Report and found that 85% of employees are sending more emails than before the pandemic. And 80% told us that they use email to share sensitive company or client data.

We also spoke to 500 IT leaders across the US & UK to understand if any negative impacts were being felt. 83% told us their sensitive data had been put at risk via email over the previous 12 months – and 58% had seen an increase in clients asking whether they had email DLP in place.

What are the benefits of email DLP?

Email DLP is preventative in nature, which means the benefits aren’t always obvious until a business has suffered a breach. They’ll then often rush to put email DLP in place in hindsight! Unfortunately, as we’ve seen from our report findings, data loss via email is near universal. If an organisation thinks they’re immune to the problem, it might just mean they’re blissfully unaware of the scale of the issue.

In an ideal world, every employee would check (and then double check) their recipients, attachments, and Cc/Bcc fields every time they send an email. But the real world doesn’t work like that. Even competent, diligent people are going to make mistakes. That’s what email DLP is there for – to catch the everyday human mistakes that we all make, before they lead to a major problem.

Without email DLP, organisations leave themselves wide open to data breaches on a daily basis. Having effective email DLP in place can save them from huge amounts of hassle later down the line. The average email data breach takes ~60 hours to resolve and can leave long-lasting damage in its wake.

Of the businesses we surveyed who had suffered an email data leak, we found that 38% had experienced client churn, and 37% had experienced reputational damage. 29% had even been on the receiving end of litigation. An effective email DLP tool could have stopped the vast majority of these breaches at their source.

Which type of email DLP do I need?

Firstly, it’s important to recognise that email DLP solutions are not all created equal. Broadly speaking, we can split email DLP into two categories: traditional (or legacy) DLP and intelligent human layer security. Traditional email DLP (the kind used by tools such as Microsoft 365) relies on setting up static rules. For example, “emails with attachments can be sent to Company A but not Company B.”

These tools offer some protection, but they can also be frustrating. In fact, when we recently surveyed IT leaders, we found that 100%(!) were frustrated by their use. Traditional DLP also tends to result in ‘click-fatigue’ for end users, who’ll start to simply ignore prompts when they’re popping up too often. The rules are often too rigid and don’t account for context. After all, what if someone does need to send an attachment to Company B?

Intelligent DLP, otherwise known as human layer security, works very differently. Egress Intelligent Email Security uses machine learning to adapt to each individual user’s behaviour. This means it’s able to react to context-driven situations in real time. As an added bonus for IT teams, Egress Intelligent Email Security also comes with advanced analytics, allowing them to showcase the preventative value of email DLP to the wider business.

What next?

Email is a constant thorn in the side of security teams, but it doesn’t have to be. With the right email DLP in place, you can empower your colleagues to productively use the tools they know and like – while keeping your data secure at the same time.

If you’d like to learn more about how email DLP works, the risks of data loss via email, and the benefits of human layer security, you can explore our content hubs for all the information you need. Or if you’re already keen to try it for yourself, simply get in touch and our team will be happy to set you up with a free (no strings attached) demo so you can see the benefits with your own eyes.