How the GDPR inspired a new approach to email data protection
Surely, you can’t have it all … Well actually you can.
The common misconception among organisations is that digital security is complex, as well as inaccessible, and it requires too many changes in the way that employees work. However, in search of the right trade-off between security and usability, a fundamental concept has been overlooked, that increased usability promotes increased security.
Usability should not be equated with the simplicity of technology. Easy-to-use security solutions that are intuitive and seamlessly embedded into everyday working lives will enable the non-tech savvy employees to participate in cyber security efforts. Without clear-cut, manageable measures, the end result will be low adoption rates among employees, in turn, making security risks far more probable.
At Zivver, we encourage organisations to become enablers and lead the way in digital security. Read our tips in this post to see how you can maximise your success
Usability is interlinked to adoption rates
If something is confusing or difficult to use fewer people will utilise it. The problem is that low adoption rates can be a real inhibitor to the success of a security initiative. Essentially, if employees are not operating a service to its full capacity, then it does not matter how much has been spent on the technology. Technology is one thing, but it only becomes beneficial when individuals apply it in a meaningful way.
A key issue with many inbuilt security systems from email providers or supplementary applications is that data protection can only be achieved through behavioural changes or additional user actions. For us, we believe that the problem largely stems from this. The 21st century employee is not only extremely busy, but they are also creatures of habit and often like to follow specific routines. Therefore, forced changes in working behaviour may seem unnatural to workers whilst additional user actions could be too time consuming.
For instance, on Outlook the only way to encrypt an outbound email is by following a manual three-step approach. On some systems, we also find that recipients are required to create an account and log onto a separate portal. In this sense, barriers are increased rather than lowered and largely disincentivise adoption. Who is going to remember to activate these systems every time they send an email?
Combined with this, we often see solutions interfering with employee workflow, which is not optimal.
The harm caused by poor usability and low adoption rates
The importance of striking a balance between usability and security cannot be overstated. Without an effective and easy-to-use platform, many concerns arise:
• Data breaches are more likely. Sensitive information can be leaked either through human error internally or external threats.
• Organisations are then met with problems ranging from financial and legal implications to reputational damage, to name just a few.
• The educational aspect of security is also lost. Higher adoption rates, due to a more usable platform, can serve the functionality of increasing employee understanding and awareness of security related issues and encourage people to remain alert to threats.
• Organisations can also invest substantial amounts into IT budgets, but the return on investment is minimal if the service is not used.
Becoming an Enabler: striking the balance
It all comes down to being an enabler and this is how we suggest you can achieve this in your organisation. It is about using a platform that ensures:
• Technology is security compliant
• Integrated into the existing way of working
• That it is familiar, intuitive, and recognisable for the people using it
• It is intelligent in helping people make better decisions.
At Zivver, we base our services around these functions and recognise that usability and security should always go hand in hand. They are not opposing ideas, but rather complementary terms that need to be fully embraced by the working community. Our services are aimed at increasing employee productivity and awareness, instilling confidence in company operations and creating a safe and secure working environment.
Want to learn more about email data protection solutions and how they work?
Check out a recent webinar hosted by Scott Daly. In it he explains the need for people to re-evaluate their email security, and gives you nine reasons why you should.
You can watch it now here.
Prefer to do some light reading instead?
No problem. Here's an article on re-evaluating email security, download it here.