You may have heard about some new tools in the Egress platform that have just been released. Perhaps you watched a webinar or video, or read a datasheet. Egress Risk-based Protection and Smart Authentication tackle an ongoing email security problem: one-size-fits-all approaches leave users frustrated or don’t ensure effective security.
They are crucial parts of the Egress people-centric approach to data security.
But why take this approach?
- Because 79% of IT leaders think employees have put sensitive data at risk accidentally in the last 12 months…
- And 61% of IT leaders think it has happened maliciously.
- While 45% of employees who accidentally shared company data said they sent it to the wrong person…
- And 55% of employees who shared data intentionally claim they did so because they didn’t have the security tools necessary to share information safely.
This is the new frontier of risk, with the user at the centre of a network of interconnected risk factors: human error, outdated security, usability and more stringent compliance requirements. It is about how simple mistakes - an autocomplete accident when addressing an email - can have an incredibly large impact and result in data breaches and regulatory exposure.
Egress removes friction and predicts risk for people sharing and using sensitive data
Everyone should be able to share data securely, busimply and without complexity and risk, but the legacy left by existing email protection solutions is one of user frustration and uncertainty around how and when to secure content. They have also never catered for risks posed by human error and malicious behaviour.
The new releases from Egress solve these issues, with security that suits every scenario and user engagement that enables painless recipient adoption.
Putting the user at the heart of data security enables them to:
1. Share data with the right person and apply the right level of protection
Risk-based Protection helps senders apply the right level protection for every email they send. It answers the following questions:
- Is the content being sent to the right person?
- What is the security profile of the recipient’s domain?
- Has the sender communicated this type of content with recipients before?
It also understands the sensitivity of the content being shared and then applies the appropriate level of protection before sending. Risk-based Protection also corrects wrong recipients and mistyped emails, and this all happens seamlessly within the email client.
There are different options for applying encryption, too. It could mean using built-in Egress message-level encryption, which includes read-only access, watermarking and access revocation. Risk-based Protection can also use other secure channels like TLS and Microsoft OME, or existing third-party encryption solutions, including Voltage, Zix, Cisco and Virtru. Risk-based Protection enhances an organisation’s usage of existing email protection tools and fills in the gaps left by people risk.
2. Control the recipient experience
Smart Authentication makes it easier for trusted recipients to access and respond to secure content.
Frustrated recipients leave encrypted content unopened and secure channels bypassed. By automatically assessing recipient risk factors, Smart Authentication applies the correct level of authentication, reducing friction when accessing encrypted content while also securing external communications. A recipient accessing highly sensitive content from a high-risk domain, location or device may need to use MFA, while trusted internal users can achieve read-only access seamlessly.
What can people-centric security do?
This is the technology that helps:
- State Governments digitise complex sensitive data workflows to improve citizen and volunteer engagement
- Make roads safer without increasing police costs by enabling secure citizen action
- Banks better engage customers and partners with regulated data
- Fortune 500 enterprises reduce human error risk in financial document sharing processes
Risk-based Protection and Smart Authentication are two features introduced by Egress that consider a 360-degree holistic view of the risk presented by sharing and accessing sensitive data, but Egress also provides customers with detailed analytics and reporting on the effectiveness of these controls. With these features, organisations gain measurable benefits in data protection, end-user satisfaction and compliance with data protection regulations.