People transitioned to remote work overnight, sending information like bids, intellectual property, medical records and personal customer data all through their emails. Protecting this data is vital.
You’re doing a great job protecting against inbound email attacks (spam, phishing, malware) but what about the email leaving your organization? Here are five of the most important factors to consider when looking for more ways to protect data being sent through emails:
Can a person easily send secure email without any extra steps? Sending an email is a behavior all of us do automatically; introducing encryption shouldn’t hinder this process. Likewise, the person receiving it should easily be able to open the encrypted email. Good solutions will take these behaviors into account and keep them quick and efficient. Organizations can easily adopt encryption as long as their workflow doesn’t change.
Does the solution support multiple delivery methods? If you’re communicating with other businesses, they may have an encryption method already set up. Your solution should support multiple delivery methods, like TLS, PGP and third party S/MIME to take advantage of this. A good solution should also support delivery methods that make it easy for anybody to pick up messages, through encrypted PDF/ZIP or a secure web and mobile web portal. Enterprise administrators should be able to select the delivery methods that best meet their business needs.
As organizations are increasingly adopting cloud based solutions, shouldn’t your encryption decision follow the same strategy? Can the solution run completely in the cloud, so you don’t have to run any software or hardware on premise? Cloud implementations save you deployment time and resources, and allow the encryption solution to grow with the company.
Does the solution allow you to easily set scanning policies to inspect email subject lines, body, attachments, and take action accordingly? You may only want to encrypt emails that contain certain keywords or regular expressions like credit card numbers or other customer information. A good solution will use a robust policy engine to allow you to create and edit policies to determine what should be encrypted and how.
Is the solution easy to integrate and manage across the organization? Can it adapt to your changing policy and regulatory requirements without impacting everyone? You can never predict where a security leak will come from. A cost effective solution will be adaptive and scalable to meet a wide spectrum of business requirements; protecting all sensitive information from going out in the clear, not just executives or specific departments.