Data Leak Prevention with SkyConnect – Critical for your Security Strategy

Articles Clrstream Featured I'm a Customer I'm Evaluating I'm Exploring News & Events Security Skyconnect

Data Leak Prevention (DLP) with Mithi SkyConnect

SkyConnect just released an upgrade to the Data Leak Prevention module. As a result, you can now intercept, modify or monitor email with Aadhar, PAN, PII, and many more templates.

Email is the leading source of data leakage worldwide. Therefore, 22% of the companies surveyed, experience data loss through email each year. Most of this leakage goes undetected until its too late.

The costs of data leakage are staggering, in addition to the loss of reputation and legal penalties for violating industry regulations (GDPR, HIPAA, PCI, etc) pertaining to the transmission of private information.

Data leak prevention (DLP) comprises strategies and tools to ensure that end-users do not send sensitive, private or critical information outside the corporate network. 

Amongst other industries, the financial, healthcare, ITES and manufacturing industries should carefully design their Data Leak Prevention security strategies.

Financial information, private data (PII), PHI (personal health information) and IP (intellectual property) are transported via email in these organizations. So consequently, any loss or leakage of this information can carry a high legal and commercial risk.

Mithi is happy to announce an upgrade to the Data Leak Prevention (DLP) module in SkyConnect, our cloud email platform. 

This upgrade helps you prevent intentional or accidental leakage of data.

Broadly the following strategies can support your DLP initiative:

  • Prevent unnecessary email traffic
  • Monitor sensitive emails before they leave the network
  • Detect emails containing information violating regulations – PII, HIPAA, PCI, GDPR, etc
  • Protect data in transit using encryption
  • Sensitize users on how to respond to and send an email containing sensitive information

Let’s look at these in detail.

Mail Flow control Policies – Prevention is better than cure

Mail policies is a great data loss preventive tool in SkyConnect. It prevents data leakage by allowing you to control mail flow FROM and TO users/groups on your domain, based on rules and roles of the users.

It’s the first planned step in understanding user roles and allowing them restricted use of email as per their roles.

This prevents them from making mistakes and also prevents unnecessary mail traffic, in addition to preventing data leakage.

The rules are built using the mail attributes as the elements viz. to, cc, subject, body, attachments, etc.

For example,

  • Allow only a certain set of users to communicate with users on Gmail/public email platforms
  • A set of users can only communicate only with users within your domain(s).
  • You can control who can send out attachments of a certain type and who is allowed to receive attachments.
  • A set of users who cant send attachments at all.
    ….and many more such nearly endless possibilities

[NEW] Potential Data leak via Inbound mail flow – Detection and Alerts

You might ask, how inbound email is linked to data leak prevention?

We have observed several cases, where external senders solicit information from company executives posing as someone else, typically an authority figure [spoof from the boss, regulatory authority, etc].

These are technically legitimate email but sent with a spoofed name. Learn more about how this works.

In such cases, the recipient has to be careful before responding and sending the requested information. Hence, it would work if you can at least alert them about the email contents.

The new DLP capability allows you to Intercept, Modify and/or Monitor the offending email.

Using a combination of actions from each of the three categories, broadly,

  • you can deliver the email with a tag/stamp to alert the recipient
  • drop or quarantine the message
  • e-route the message to a security supervisor
  • and/or mark a copy to a supervisor for review.

[NEW] Data leak prevention for Outbound mail – Delete, Quarantine, Tag, Alert.

When the subject or the mail body contains text which matches the DLP templates for

  • aadhar number
  • banking or financial information
  • cardholder information
  • healthcare information
  • mobile numbers
  • PAN numbers
  • passport number
  • personally identifiable info
  • Postal Index number
  • Vehicle registration number

you can choose to Intercept, Modify and/or Monitor the email.

Using a combination of actions from each of the three categories, broadly,

  • you can deliver the email with a tag/stamp to alert the recipient
  • drop or quarantine the message
  • re-route the message to a security supervisor
  • and/or mark a copy to a supervisor for review.

User education

The Skyconnect Data Leak Prevention engine not only detects a data breach, but it can also support user sensitization and education.

Supervisors/Administrators can also identify and meet with users who have been repeatedly triggering certain DLP rules, or review the content of automatically forwarded emails.

What’s Next:

You can learn more about how to setup Data Leak Prevention for your organization here.

Other references:
Multi-layered Security in Mithi’s Digital Collaboration platform

Strong Technical Security Controls are necessary but not sufficient to prevent email fraud

Acknowledgements:

Photo by Markus Spiske on Unsplash


Leave a Reply

Your email address will not be published. Required fields are marked *

*