Corporate email is the main cause of unauthorized and accidental data leaks, no matter the organization or industry. Think about it: employees are constantly sending emails to external parties that may contain sensitive company data, personally identifiable information (PII), trade secrets, and other intellectual property.
When it comes to data exposure via corporate email, reducing risk can be tricky — especially when a company migrates from on-premises email to cloud-hosted email services like Gmail and Microsoft Exchange Online. Relocating email to the cloud often leaves behind legacy support applications like data loss prevention (DLP) for email that are deployed as on-premises hardware appliances. Organizations can try to integrate these local appliances with cloud email services, but it often creates new complexities and inefficiencies.
One large financial services company realized this issue when they moved their email service to Microsoft Exchange Online and paired it with the Microsoft Outlook client. To complicate matters, their legacy email security solution from Symantec operated on-premises, making their email workflow far more convoluted. To simplify their network design and assure the efficiency of this new cloud-delivered model, they turned to the secure email gateway (SEG) from Lookout.
The challenge of protecting data in email with legacy tools
This high-profile customer processes high volumes of sensitive data for its financial market customers every day. The data is shared with as many as 5,000 trusted web domains, often through an email exchange with multiple recipients at the same time.
To operate effectively, they needed to secure sensitive data without increasing complexity or limiting productivity. But the move to Microsoft Exchange Online with the Microsoft Outlook client came with its own set of challenges
Message traffic backhauling: clumsy and inefficient
While a cloud email solution offered many benefits, pairing it with their legacy on-premises email security solution from Symantec proved to be both clumsy and inefficient. All outbound/egress email messages had to travel from Microsoft Exchange Online in the cloud back to a central on-premises data center where security policies were enforced. Only then could the message be sent back through the cloud and onward to the internet.
You don’t have to be a network engineer to realize this traffic backhauling approach put a strain on expensive network elements. Extending Symantec’s DLP capabilities also meant purchasing even more on-premises equipment along with the required maintenance contract.
Securing email traffic with Lookout
Lookout’s cloud-native SEG was deployed as an SMTP-based MTA gateway in line with the customer’s outbound/egress cloud-hosted email from Exchange. With the shift to cloud-hosted email, one of the great attractions of the Lookout SEG was that it eliminated backhauling and dramatically simplified the clients network design.
As part of the integrated Lookout Cloud Security Platform, it also enables customers to apply unified DLP policies across every app or platform in use. Critical capabilities include:
Advanced data recognition and classification
To secure email, the first thing you need to do is identify and classify any sensitive data contained within the messages — which is where Lookout really outperforms the competition. As one of the more advanced DLP solutions on the market, we support almost 300 file types, embedded content, and multiple languages.
The platform performs deep scans into attached files to extract attachments and other objects. Take the case of an Excel spreadsheet embedded in a zipped Word file. In this example, our DLP software looks into the zipped file, reads the Word document, analyzes it, finds and reads the Excel data, and analyzes it. It’s also able to inspect various image types and scanned documents like PDFs for sensitive data using optical character recognition (OCR) software. In short, our integrated DLP acts as a guardrail that identifies sensitive data before it's unintentionally exposed.
Automatically blocking unauthorized recipients
One of this customer’s top concerns was users accidentally forwarding sensitive data to unauthorized third parties. To address this issue, the SEG enables IT security teams to define and enforce policies based not only on content inspection but contextual analysis as well.
While content awareness involves peering into the message to inspect the actual data being sent, context analysis includes external factors like the sender and recipient, message header, size and format, which can be used to gain more intelligence about the content. Our ability to mix and match both the content and context of the message provided another value proposition over competitor solutions.
Now, when an employee mistakenly sends an email to an unauthorized party, the SEG automatically removes that recipient before the message is sent without impacting other authorized parties. Questionable messages can be moved to a quarantine area for further analysis.
Enabling secure productivity with a broad range of remediation options
Accurately identifying sensitive data the customer needed to secure was only half the problem. The ability to take remediation action was a critical requirement for this customer to strike the right balance between productivity and security. Lookout SEG offered extensive data remediation options, including:
- Allow and log
- Block email
- Replace with marker
- Apply data classification labels
- Add disclaimer
- Remove recipients
Make email security part of every cloud security solution
While the customer reviewed several vendors as part of its evaluation, the Lookout Cloud Security Platform was selected because of its native data protection capabilities that extend to email through the use of SEG.
By implementing Lookout SEG, the customer was able to remove their on-premises email gateway appliance with confidence. Now, their entire email workflow resides in the cloud. With business information traveling freely between employees and partners, the number of places sensitive files can spread grows, making it increasingly difficult to guarantee a safe information boundary. This customer was able to reduce the probability of a data breach and in turn reduce the business risk associated with it.
To learn more about the Lookout SEG and the broader cloud security platform, contact us today.
Book a personalized, no-pressure demo today to learn:
- How adversaries are leveraging avenues outside traditional email to conduct phishing on iOS and Android devices
- Real-world examples of phishing and app threats that have compromised organizations
- How an integrated endpoint-to-cloud security platform can detect threats and protect your organization