A Guide to Data Leak Prevention for your Business

It is universally acknowledged that there is an intrinsic link between a business’s competitive edge and the knowledge and information that it holds. Whether it is material relating to new product development ideas, confidential business plans or classified public data, such information is considered priceless property.

The rise of email has seen this sort of information grow even more valuable through the ease of sharing that email has introduced. While the digital form of communication is hugely beneficial, the electronic sending and receiving of vital information significantly increases the risk of data leakage which can be devastating if material falls into the wrong hands.

How to prevent data leaks?
photo credit: Andrei N

What is data leakage?

Put simply, data leakage occurs when classified information is accessed by an undesirable party. This can be accidental or malicious, and is commonly associated with email trails that are not adequately secured.

What are the repercussions?

Often businesses cannot comprehend the severity of the issue until they experience the consequences for themselves. Once the leakage has occurred, repercussions include the following:

  • Fines – When public privacy has been breached businesses can face enormous fines from the Information Commissioner’s Office. The UK public sector is one of the worst offenders with NHS Surrey recently slapped with a £200,000 fine after losing the sensitive records of over 3000 patients.
  • Reputation compromising – When data leakage goes public it can spell disaster for a company’s reputation. Not only will they lose current clients but they will significantly hinder their chances at sourcing new ones.
  • Legal action – As well as hefty fines, companies breaching confidential data guidelines can face serious legal action which may lead to court cases, account crippling settlements, bankruptcy files and even jail time.
  • Loss of invaluable information – The leaking of highly confidential information such as product ideas, marketing tactics and business growth plans can be devastating for companies that want to set themselves apart from their competitors.

For the reasons listed above, it is absolutely crucial for risk and compliance officers to protect businesses against the hugely damaging consequences that go hand in hand with data leakage.

What are the business challenges?

  • Maintaining productivity – The key to implementing a successful data leak protection scheme is to find a technical solution that will not jeopardise the productivity of the business. A system that does not seamlessly integrate with current email operations runs the risks of counteracting the benefits of security measures due to its inefficiency and interference with day-to-day operations.

    This is of particular importance for those that use Google’s hugely popular Postini email security service. The internet giant recently announced the end of the email security and archiving service which means Postini customers will be forced to transition to the new Google Apps platform or implement an alternative security solution.

    The good news is that Mimecast offer an intelligent and stress free solution to this problem. The Postini alternative from Mimecast provides users with a premium email security service featuring advanced tools, enhanced functionality, and on-going support. This will ensure that businesses and employees can remain productive and profitable with life after Postini.

  • Establishing a trail – Should a data leak occur, it is important that businesses are able to locate the root of the leak and establish who was involved. To maintain the absolute integrity of evidence, it is essential that these records be tamper proof as findings may often lead to litigation cases and disciplinary action.
Prevent data leaks with the cloud
photo credit: FutUndBeidl

What is the solution?

In order to completely eliminate the risk of data leakage while maintaining productivity, businesses must implement an effective and seamless security strategy throughout the organization. Cloud based services are designed to safeguard information against accidental and malicious leaks, while single web based consoles offer users complete control over all policies. Below is a list of key areas needed to warrant a successful data leak prevention strategy:

  • Real time changes – These are important as they ensure that regardless of site or email server numbers, changes are applied simultaneously to all email traffic.
  • Flexibility – Offering managers flexibility over policy controls is essential to ensuring a data leak prevention solution that is able to cater for different users and groups.
  • TLS encryption – TLS encryption feature safeguards on emails when they are in transit and are a fundamental part of meeting corporate governance and compliance needs.

If you want to safeguard your business against data leaks, understanding the risks and addressing them with an effective security solution is absolutely critical.