Data Loss via e-mail

Data Loss Type #4:  Data Loss via e-mail

E-mail is probably the most useful informational tool in the business world.  Nearly every employee has an email address and many have more than one.

One of the many handy features of e-mail is attachments.  Status reports, marketing presentations, sales proposals, everything gets attached to an e-mail and sent.  Most of the time, all this information flying around is just fine and the only time we are exposed to any risk is when sensitive or confidential data is either intentional or inadvertently sent outside the company.

The real risk comes into play with webmail (gmail, hotmail, yahoo, and about a billion others) being used to send company files.  Maybe the user just wants to work at home and doesn’t want to deal with the ‘Corporate email policy’ or maybe he is thinking of leaving the company and would like to take the ‘customer list’ for his new job.

So how can FileSure help?

How to use FileSure depends on your level of concern.  Since many customers don’t want to limit use of such a powerful tool as e-mail, they use FileSure to audit their important data and setup the pre-configured report ‘Files possibly sent with webmail’ to be delivered to them every few days.  Others take the extra step of setting up an alert when a browser opens a sensitive file (this indicates a file is being attached/sent via webmail, etc).  We have one customer who expanded the report to include Microsoft Outlook too.

If you want to prevent files from being sent at all via webmail, we recommend that you use FileSure Defend and set up a “white list” of allowed programs.  All programs will be denied access to the sensitive files, except the few you have chosen.   If only Excel can open Excel files, for example, then the intermediary programs needed to attach & send webmail can’t do it.  That way, if a clever user decides to ‘zip’ the customer list and then e-mail it, FileSure will catch it—and you will catch the user.