INSIGHT: Top 4 ways to prevent email insider threats
- 27 October, 2015 03:15
Criminals have become more advanced, expanding their activities from credit card data theft for immediate gain to going after personal data that they can monetise for weeks, months and even years.
Yet oftentimes, the greatest risk within an organisation is its employees.
Email remains the central mechanism for business communications, transferring significant amounts of sensitive data daily, including market sensitive information, personal information and intellectual property (IP), yet most businesses aren’t taking adequate measures to protect their emails.
The average employee sends and receives about 110 emails each day, or 29,000 emails per year - one in every 20 of those emails might contain sensitive data.
That means that a company with 100 employees creates or handles 145,000 emails with sensitive data each year.
That sensitive data can become a major problem for organisations if the emails containing them are hacked, intercepted, or accidentally sent to the wrong recipients.
“Everyone uses email,” says Adrian Blount, Director Cyber Security Solutions A/NZ, BAE Systems Applied Intelligence.
‘Not just to communicate, but often as a place to keep important information. Email presents companies with serious ‘insider threats’.
“It only takes one honest mistake by an employee or one dodgy link in an email to lose that precious information.
“The preventable situations are the frequent, innocent leaks that happen via email as a dedicated, if ignorant, employee just goes about his business.
“It’s the mistakenly attached spreadsheet with personal customer data. It’s the confidential email sent in error to everyone in the database. Those employees didn’t mean to do it. And they’d love to have the click of that mouse back.”
As a result, Blount recommends four key strategies to help prevent sensitive information from being leaked via email:
1. Measure violations and set targets
It’s impossible to manage something without first being able to measure it. Tracking and reporting on questionable email usage over time and monitoring activity across individual workstations is an important start.
This can be done with email Insider Threat Prevention (ITP) technology, which can spot specific violations of internal policies.
2. Filter sensitive information out of email
Companies are often concerned with incoming traffic and protecting themselves against viruses, worms, and botnets. While those are important, critical information flowing out of the organisation represents the greatest risk.
Companies need a solution that can help block, quarantine, redact, or automatically encrypt sensitive messages, including content-aware policies that, for example, recognise credit card details within an email and don’t allow the email to leave the organisation.
3. When in doubt, encrypt and notify
Often it’s simpler and faster to encrypt an outbound message and notify the sender of the encryption than it would be to involve the message in timely quarantine activity.
4. Communicate your email policy
If staff do not understand internal email policies, then they cannot be expected to follow them correctly. A good starting point is partnering with a member of HR to write a simple memo explaining the policy.
Creating a policy can be a delicate process, as a good policy needs to be brief and concise, without being too vague.
“One of the biggest risks to businesses is the threat of employees who accidentally or intentionally leak data,” Blount adds.
“Despite internal protocols and education, email is still a major source of information breaches.
“Through a combination of measurement, content-aware policies, encryption techniques and email usage guidance for staff, companies can be more secure against insider threats.”