As the traditional business perimeter shifts with the growth of cloud services, the risk of sensitive business data being breached is increasing. Driven by increasing data breaches, new legislation and compliance needs, more businesses are looking for new solutions to protect their important private data from being sent to the wrong people.
Outbound email security solutions protect employees inside your organization from causing data breaches via email. There are a number of ways these data breaches can occur. Data breaches can be caused through malicious actors compromising accounts or targeting employees with phishing attacks to gain access to sensitive materials. They can also be caused by human error.
Human error includes your employees sending emails and attachments to the wrong recipient or not encrypting emails properly, leading to data breaches. This is a significant problem for businesses globally. In Egress’ 2020 Data Breach Threat Survey, 97% of IT leaders reported that the risk of insiders causing data breaches was a significant concern for their organization.
Outbound email security technologies stop these threats using a range of techniques. Some technologies use machine learning technologies to learn normal and abnormal user behaviours within an organization. They leverage this data to intelligently identify when employees are about to make a mistake within email, and proactively stop this, with a warning pop-up. Other technologies use a more static rules-based approach, with pre-defined data-loss prevention polices that help organizations to define what content can and cannot leave their organizations.
To help your organization identify the right solution for your business, we’ve listed the top Outbound Email Security Platforms. We’ll take you through their key features, their functionality, their effectiveness and how their customers rate them.
The top Outbound Email Security solutions for Business Includes:
- Armorblox | Egress Prevent | Microsoft Office 365 Data Loss Protection | Proofpoint | Tessian
Armorblox protects enterprises from targeted email attacks and outbound data loss. It also protects against inbound email attacks including business email compromise, account takeover and CEO impersonation. Armorblox prevents outbound email data loss with automated mailbox remediation, PII/PCI compliance and confidential content protection. Armorblox’s detection engine analyzes, behavior, and language across all email communications to malicious email behaviours.
Armorblox provides three main outbound data loss prevention capabilities. It detects accidental or malicious data loss over emails, such as account passwords, social security numbers and financial information. It allows organizations to set pre-defined policies that automatically block emails with sensitive attachments from being sent. It also stops confidential email content from being accessed by unauthorized users. The platform works by leveraging language understanding, deep learning, machine learning and statistical techniques to identify signals that signify malicious email behaviours.
Armorblox is a cloud native platform and is suitable for O365 and Gsuite users. It deploys via an API and works inside the email environment to protect your users from threats. Armorblox is built for use in the enterprise and offers role-based access controls, and detailed audit reports to provide admins greater insights to user activities. As Armorblox provides inbound email threat protection alongside outbound security, it’s a good option for organizations looking for rounded email protection.
Read our interview with Rob Fry, CTO at Armorblox, here.
Egress Prevent is a leading outbound human layer security solution. It aims to stop data breaches before they happen, by stopping human errors within emails. Human error can involve falling for targeted phishing attacks or business email compromise attempts, or simply sending a sensitive email to the wrong recipient. Egress also provides intelligent email encryption, which automatically applies the best encryption polices based on the sensitivity of the data being sent. Egress’ eDiscovery solution, Investigate, provides reporting, analytics and insights into email communications.
Egress Prevent uses contextual machine learning to spot when employees are about to accidentally or intentionally leak data and stop breaches before they can happen. It uses machine learning data, recipient domain analysis and analysis of communication history to intelligently learn communication patterns to stop emails going to the wrong people. This ensures that users are sending emails to the right people, prevents email mistakes, and help to reduce the risks of data loss from human error.
By scanning email content, looking at past communication patterns and analyzing the security of recipient domains, Egress is able to intelligently apply the most suitable level of encryption needed for emails to be sent securely, automatically. This simplifies the user experience for encryption, and helps to ensure that all emails are protected, while less sensitive emails remain easy to open and interact with. Egress works inside Office 365 and Outlook, and so is able to display warning banners directly to users when the service detects a mistake is about to be made. Egress is a strong solution for solving the problem of misaddressed emails and insider data breaches. This solution is typically leveraged by customers in healthcare, financial services, legal and both government and local government agencies.
Microsoft Office 365 Data Loss Protection
Office 365 allows admins to define rules and policies to determine which files and data are confidential, critical or sensitive, in order to protect them from being accidentally or maliciously shared or transmitted. The aim of this is to stop data loss from the Office 365 environment. This includes email channels and within OneDrive. Recently data loss prevention capabilities have been added to Microsoft Teams chats. This is available as part of the Office 365 Advanced Compliance module, which is available as a standalone option and is included in Microsoft 365 E5 compliance.
Microsoft’s DLP for Office 365 was launched in 2017, giving users new features to manage data loss prevention. Users can set policies within O365 to manage data that can be shared and receive notifications when someone tries to violate rules. Putting DLP policies in place allows organizations to identify sensitive information across Exchange, SharePoint and OneDrive, and recently Teams. Admins can then apply policies to stop this data from being shared accidentally outside the organization. This also applies inside Office applications like Word, PowerPoint or Excel. When a user tries to share restricted documents, they are sent a notification that alerts them to a potential error and gives them the option to override the policy if needed. The solution also provides reporting, so admins can view where sensitive data is being shared, and by which users.
As Microsoft O365 DLP relies on static policies and rules to manage data loss, it is not a suitable solution to stop misaddressed emails and human error within emails as some of the other options on this list are. Services like Egress and Tessian use machine learning to stop data that is supposed to be shared from going to the wrong place, rather than stopping it from being shared all together. However, O365 DLP has some unique benefits, including stopping data loss from within OneDrive, Office programs and within Microsoft Teams. This is a good solution for organizations using Office 365 that need protection against data loss, with policies to stop sensitive data from leaving the organization.
Proofpoint Essentials is a leading secure email gateway service. It is the world’s largest email security vendor, with annual revenues of over $1bn. Proofpoint Essentials is aimed towards small and mid-sized organizations. It provides email protection with a secure email gateway, email archiving, encryption and continuity, developed in a single platform. As one of the leading email gateway platforms, Proofpoint have a strong visibility into email threats, with a large global threat intelligent platform. Proofpoint secure more than 50% of the Fortune 100, the top 5 banks globally and 7 of the top 10 global retailers.
Proofpoint’s data loss prevention guards against leaks of private and confidential information in emails. Admins can define smart identifiers and managed dictionaries to identify sensitive information and stop it from leaving the organizations. Admins can easily customize and update policies. Proofpoint’s pre-build smart identifiers include financial information, personal information including drivers’ licenses, and protected health information.
Proofpoint Essentials’ data loss prevention is centrally based and user transparent. One of the main benefits is that for users, it’s completely seamless, they use email as usual and appropriate actions are taken automatically. Like using Office 365 policies, Proofpoint’s rules are static and so are not designed to protect against misaddressed email sending, but more designed to stop sensitive data from being sent all together. As Proofpoint also offers inbound email protection, alongside encryption, archiving and continuity, Proofpoint is a strong solution for organizations considering a multi-layered email security service, with outbound email security capabilities.
Tessian is an outbound email security platform that stops spear-phishing, accidental data loss and data exfiltration. Tessian Guardian stops accidental data loss caused by human error within emails. It displays to users when it believes they are making a mistake such as emailing a lookalike domain, attaching the wrong file, or selecting the wrong recipient. This message is shown directly in the email inbox, helping to reduce the chances of users unintentionally causing a data breach via email.
Tessian’s human layer security engine analyzes all outbound emails in real time to protect against data breaches. The platform works by analyzing historical email data to understand what normal behaviours look like for individual users. With this data, they can understand abnormal behaviours, such as choosing the wrong recipients when sending certain attachments, and flag to the user that they may be about to make a mistake. Employees are alerted with messages directly inside the email inbox, instructing them to correct any mistakes before sending. Employee interactions are logged in the Tessian dashboard.
Read: Expert Insights Interview Tessian CEO and Co-Founder Tim Sadler
Tessian are a strong solution for misaddressed emails and data breaches. They offer automated human layer intelligence, which includes threat intelligence and tools for rapid investigation and remediation of threats. Tessian’s platform is typically leveraged by organizations in the legal, financial services, technology and healthcare sectors. Tessian has a strong focus on financial services and regulated markets, helping customers comply with data protection regulations and customer confidentiality agreements.