BDO Jersey is part of BDO Global, the world’s fifth largest professional services network with annual revenues of $10bn. As a member of BDO Global, BDO Jersey is able to provide their clients with genuinely international reach through more than 91,000 colleagues in 1,658 offices across 167 countries. BDO Jersey offers a range of financial and consultative professional services including auditing and assurance, and tax services, as well as its business advisory services.
"The response to Egress has been hugely positive. When we first went live, we heard water-cooler conversations where people said how much value it was already adding."
By providing both financial and consultancy services, featuring cybersecurity and compliance, BDO Jersey must meet the dual requirement of protecting sensitive data, and providing robust security recommendations.
Phil Ruelle, Chief Digital Officer for BDO Jersey, explains:
“As a financial services provider within Jersey, which is extremely well-regulated, we are obviously under compliance pressure to secure data, but of equal weight in our minds is the damage data loss causes to our clients. We have to put our clients’ data and wellbeing first, and our primary focus is to ensure that we keep clients’ data safe.”
Together with BDO Jersey’s Head of Governance, Mel Pardoe, in 2019 Phil reviewed BDO Jersey’s email security strategy, with particular focus on how human error can cause data breaches.
“Misdirected emails are a common breach risk for all organizations because it’s so easy to get it wrong,” says Mel. “Outlook autocomplete is so helpful until you send a message to the wrong person and it’s suddenly too late. We’ve always taken email security seriously and so in 2019, we recognized that there was emerging technology we could implement to provide greater security.”
Email security without user friction
In December 2019, Phil and Mel began conversations between the BDO Jersey Cybersecurity team and Egress to discover how Egress Prevent and Protect could help.
“When we began the conversations with Egress, we were very clear that we needed the highest security with minimal user friction,” Phil continues. “From a business point of view, we always take a people-first approach to technology: employees have to understand what is required of them and how to operate the software. We know from tools we’ve implemented previously that if they’re difficult to use, it’s a hard battle to get employees to adopt them. Instead, we wanted an intuitive experience for senders and recipients that wouldn’t damage productivity.”
In early 2020, BDO Jersey deployed Egress Prevent and Protect to ensure data is protected from accidental and intentional loss on email and encrypt sensitive data for improved security and compliance. Using contextual machine learning, Egress analyses a user’s behaviour and relationships when sending emails, alongside the content they share, and alerts them when there’s a genuine risk to data. This includes detecting incorrect email recipients and when the wrong file has been attached, as well as ensuring sensitive data is encrypted.
Egress has proved a perfect fit for BDO Jersey, as Phil states: “It’s ideal, as our users don’t have to change their behaviours; the software automatically helps them. The response to Egress has been hugely positive. When we first went live, we heard water-cooler conversations where people said how much value it was already adding, particularly with regards to determining correct email recipients.”
"Misdirected emails are a common breach risk for all organisations, because it’s so easy to get it wrong."
“The first step is sending an email to the right person, concludes Mel. “Then we have to make sure the right protection is applied. Egress is easy to use and its intelligent prompts mean no sensitive data is left unencrypted. All the feedback we’ve had from our users and their recipients has been fantastic - we couldn’t ask for more!”