Five reasons you need enhanced email security in Office 365

by Egress
Published on 18th Sep 2019
Blog Header Image Secure 1440X370

It’s estimated that 70% of enterprise organisations  will move to Office 365 (O365) by 2021. It’s a robust platform that provides users with a variety of communication and collaboration applications, as well as the ability to save and store.

Research also shows  that organisations of all sizes continue to layer enhanced security solutions into their O365 environments. In particular, the Egress Team speaks daily with security professionals whose organisations require additional email security within O365.

Why? Well, here are the five most common reasons we come across when talking with these organisations.

1. Protect regulated data
It should come as no surprise that an organisation’s appetite to risk decreases as the sensitivity of the data they share via email increases. This is particularly true for firms regulated by data privacy laws such as GDPR and HIPAA, or those preparing for upcoming regulations like CCPA.

Where a data breach can lead to compliance issues, punitive action, and inevitable reputational and financial implications, organisations can take a strategic approach to mitigating this risk by integrating email security solutions into O365 that provide robust encryption and enhanced rights management controls.

2. Prevent human error
79% of CISOs believe employees have put company data at risk accidentally.

This is alarmingly easy when sharing sensitive data via email – and can include incidents such as adding an incorrect recipient due to autocomplete, attaching the wrong files, failing to remove or redact information within attachments, or simply not applying the right level of protection as data is shared. 

3. Support advanced DLP requirements
Organisations can also have sophisticated DLP requirements that are not met by the standard policies offered by O365 or edge-based secure email gateways.

Some examples of this include the need for internal ethical walls that can prevent certain content being emailed to specific employees (this is particularly key for financial and legal firms); detecting anomalies in employees’ behaviour to determine when they might be accidentally or intentionally leaking data; and dynamically building rules to ensure the right types of information are sent to the right people.

4. Reduce friction
Email encryption solutions are only as useful as their adoption by user, and reducing friction is integral to this. The main business requirements that lead to the adoption of third-party solutions in order to reduce friction include:

  • Sophisticated workflows for user enrolment and entitlements
  • Flexible authentication that makes it easier for trusted users to access content, but raises appropriate barriers for untrusted users
  • Real-time message recall
  • Custom branding of notification messages sent to external recipients
  • Seamless and native user experience across a range of platforms, including Windows, MacOS, iOS, Android, Outlook Web Access (OWA), etc.
  • Engaging user interfaces that integrate encryption closely with existing email workflows

5. Data residency
Highly regulated organisations, such as those in government and financial services, typically have specific requirements for data sovereignty and data residency. Despite the trend to cloud migration, many of these organisations have requirements to keep email security and key management solutions on-premise.

Need more security in O365?
The technology Egress provides can meet these and many other email security use cases, simply visit our Office 365 encryption page for more details.