Email Attachments are the Biggest Overlooked Threat to Enterprise Data. Here’s How IT can Plug this Gap


Email ProtectionEmail isn’t going anywhere. The typical business employee sends and receives 122 emails every day, a number that is expected to grow to 129 by 2019. Even in the age of smartphones and the cloud, email remains essential to communication, and is the primary means by which people share documents. From a security standpoint, that means a great many attachments pass through your email gateway – attachments which often contain very sensitive information.

It’s up to you to prevent that information from falling into the wrong hands.

Chances are, you’ve already taken some steps towards doing so. Maybe you’ve got an email data loss prevention (DLP) system in place, and require your employees to make use of an enterprise file sync and sharing (EFSS) tool. Unfortunately, those two steps on their own probably aren’t enough.

There are a few reasons for that.

Old and rusted storage gate.1) User-Controlled Security Is Inconsistent

With a traditional EFSS tool, the end user has control of how shared files are secured, and what a recipient can do with them. You should already see the problem here – each user is going to make their own judgement calls on how each attachment should be protected. By definition, this means that your security won’t be consistent across your user-base; a file that one user considers sensitive, another might not bother applying protections to.

2) End Users Make Mistakes…

It’s frighteningly easy to make a blunder that puts highly-sensitive data into the hands of someone who shouldn’t have it – that’s why incidents like what occurred recently in Northern Ireland are so common.

And no one is immune to those mistakes, not even you. Maybe you misplaced a character in an email address, maybe your client autocompleted an address with someone else, or maybe you just spaced out for a moment. Regardless of the reasons, without file-level security, hitting ‘send’ means you’ve just forwarded a confidential earnings report to Aunt Ethel or the details of an acquisition to your friend at a competing firm.

Man concentrating on a problem3) …and They Don’t Always Understand Security

Consistency aside, it’s both unreasonable and a little naïve to make regular employees entirely responsible for protecting your data. Most people aren’t security experts, even with proper training.  They won’t necessarily know what an appropriate level of security is, and many of them might not even be cognizant of the need for file-level protections.

4) Manual Controls Are Inefficient

Even if every user could be trusted to diligently apply controls to the documents that needed protection, they shouldn’t be expected to. Having to dictate a few settings for one or two attachments might not seem like a lot of work…but imagine having to do that for nearly every email you send out. It’s an extra, unnecessary step in what’s otherwise a very simple process – it’s sacrificing convenience for security (which, as we know, never works)

A lot of clips

5) DLP Alone Isn’t Always the Best Option

The problem with Email DLP is that it’s very limited in how it can be applied – you either stop the email, you send it without protection, or you lock it off in a quarantine (at which point it needs to be examined by someone senior). Given the confidential nature of the stuff that’s frequently sent via email –intellectual property, details on mergers & acquisitions, highly-placed people that you’re recruiting – this isn’t a task that can be handled by just anyone.

Without a means of automating DLP, someone like your CSO has to frequently review emails and decide what to do with them. Don’t you think their time is better spent elsewhere?

A Better Way to Do Enterprise Email

Now available as a standalone product, WatchDox by Blackberry Email Protector allows your IT department complete control over how recipients both access and use files sent through your email portal.  It integrates seamlessly with existing DLP systems, allowing for automatic protection of sensitive documents, with no intervention required. Most importantly, it’s unobtrusive – all the user has to do is hit ‘send.’

A padlocked chainlink fence gateSome of the file protections available through Email Protector are as follows:

  • Access control: Fully accessible, available as a digital-rights-management-protected download, or viewable only online. Access can be revoked at any time, and set to expire after a certain time period.
  • User permissions: Control whether users can view, edit, copy, print, or forward a file.
  • Custom watermarks: Include the recipient/sender’s email/IP address to deter malicious sharing.
  • Spotlight: Blur the screen everywhere but where the mouse is pointed, preventing screen capture.

Traditional EFSS is insufficient, and DLP is inefficient. In order to protect your business, you need something that allows your IT department complete control over your outbound attachments – even when they leave your firewall. You need Email Protector.

To learn more about how Email Protector can help you protect sensitive data within your organization, view our recent webinar Introducing Email Protector. You can also check out the official Email Protector Product Page for information on how to purchase Email Protector. Licenses start at $3.00 (USD) per user per month.  Finally, visit the WatchDox Product Page to learn more about what our secure EFSS solution can do for you.

About Dan Auker

Director of Product Management, Enterprise Software - Dan is an industry veteran with 18+ years experience building and monetizing enterprise software and solutions.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus