Proofpoint - Adaptive Email DLP

Email data loss prevention (DLP) is an essential part of every email system. Many organisations have deployed DLP tools, yet the top type of GDPR data breach is still reported as "data emailed to the wrong person."

Rules-based DLP systems can add a layer of protection for known sensitive data types like PII, Social Security numbers, and payment card data, but there are other data loss risks that these systems fail to detect and, therefore, fail to protect against. For example, people may mistakenly send sensitive data to the wrong party, and employees may copy data for themselves or other unauthorised recipients.

Adaptive Email DLP

Adaptive Email DLP uses AI to learn about your employees' normal email-sending behaviours, their trusted relationships, and how they communicate sensitive data. It then analyses each outgoing email to detect anomalous behaviour, notifying email admins of potential data loss incidents. It also warns the user in real-time of any potential issues to help prevent sensitive data loss via email.

Proofpoint Adaptive Email DLP uses cutting-edge technology and the broadest email datasets to analyse working relationships and understand the difference between misdirected emails, wrong-file attachments, data exfiltration attempts, and regular business email behaviour. These data-informed insights let security teams identify potential issues in behaviour and then to work with email users to improve their data-handling techniques.

Here is some data that highlights the magnitude of the problem:

⁃ 33% of all employees send at least one email a year to the wrong recipient (we've all got one of these emails, I expect!) 

⁃ Would we admit to sending one? 40% of people asked admitted to doing it.

⁃ 65% of organisations surveyed admitted to an incident of insider data loss in 2022.

The Benefits of Using Proofpoint Adaptive Email DLP

Key benefits of deploying Proofpoint's Adaptive Email DLP include preventing accidental and intentional data loss via email, reduction of reputational risk from such data loss, prevention of fines for inappropriate data handling under regulations such as GDPR, and the improvement of general data security awareness across the organisation. 

Proofpoint Adaptive Email DLP provides the following high-level features.

Stop Misdirected Emails

Sending an email to the wrong recipients is a common source of data breaches in every organisation. It's also challenging to stop with rules-based DLP solutions. Adaptive Email DLP can prevent these breaches. It uses relationship graphs, deep content inspection and behavioural analysis to understand typical employee behaviour and identify potential data loss incidents. Figures 1 & 2 show examples of the warnings that email users receive when potential email-sending issues are detected.

Prevent Misattached Files

When Adaptive Email DLP detects an attachment that looks unusual for a recipient, it automatically warns the user in real-time before they are allowed to send the email so that the wrong person doesn't receive sensitive information. 

Stop Email Exfiltration

Adaptive Email DLP stops people from deliberately exfiltrating sensitive data by detecting them trying to send it out via various means. For example, it discovers users' personal email accounts based on their email behaviour, so if an employee tries to send data to themselves or others, these attempts are automatically detected and can be blocked or configured to raise an alert.

Coach Users in the Moment

Real-time coaching for users can help train them to avoid mistakes and policy violations before they happen. As a complement to security awareness training, Adaptive Email DLP teaches your users about the risks in their email behaviour in day-to-day use via warnings. This enables them to build their awareness over time, correct any ongoing mistakes, and hopefully eradicate data loss incidents.

Renaissance and Proofpoint Webinar

Renaissance and Proofpoint will be hosting a live webinar on the 20th of November that will dive into Proofpoint Adaptive Email DLP. The focus will be on using AI to stop email misdelivery and prevent sensitive data loss with an eye to preventing sensitive data loss by addressing human error. The key takeaways from the session will be:

⁃ Why you need a layered approach to stop sensitive data loss via email.

⁃ The power of AI to help stop sensitive data loss via email.

⁃ How you can stop sensitive data loss from misdirected emails in just days with an Adaptive Email DLP solution.

The session will be introduced by Micheal Conway of Renaissance, with Henry Gorst of Proofpoint then covering the Adaptive Email DLP solution and answering questions.  

Sign up for the November 20th webinar and download DLP informational resources on the webinar landing page.

Conclusion

The data clearly shows that stopping data loss via email mistakes (and malicious actions) is imperative. Proofpoint Adaptive Email DLP can help you prevent this email data loss.

Sign up for the webinar and have a look at the information and downloads available at the bottom of the webinar sign-up page to learn more. Feel free to reach out to us here in Renaissance if you want to arrange a chat with an expert.