How Microsoft and Zivver integrate to empower effective, user-friendly information security and data leak prevention7 min read
Preventing data leaks and protecting sensitive information to ensure compliance is a top priority for every organization. In this regard, many businesses struggle to strike the balance between security and user-friendliness with the tools they employ to manage sensitive data. Insufficient encryption and poor authentication violate privacy laws and industry-specific standards. In addition, intrusive workflows and strict security procedures deliver a poor user-experience for both employees and their recipients. Low productivity and use of shadow IT are both very real risks as a result.
To combat this, Microsoft and Zivver are excited to announce a new integration, combining labeling in M365 Purview with our secure email solution to provide the ideal combination of security and useability.
The challenges in securing sensitive information in emails
For many organizations, Microsoft Teams has become the hub for both secure internal and external collaboration. Nevertheless, most organizations still rely heavily on email to exchange information, especially with external stakeholders.
The reason for this is simple. Email is universal; the language of email, SMTP, is by far the most used.
While email has been enhanced over recent decades, it still poses some security concerns:
1. Security measures are difficult to enforce: Email security standards are effective only if the recipient also supports them, meaning often emails containing sensitive data are sent unencrypted. In addition, the sender is completely unaware of the status of their email after sending.
Adoption of recommended standards such as DANE is still low. As a result, it is difficult to enforce the required level of safety.
2. A lack of strong recipient authentication: While emails can be sent securely with transport layer security (TLS), multi-factor authentication (MFA) is still lacking from standard email servers - leaving sensitive data at risk once received.
3. Too high security results in low user-friendliness: Security and user-experience rarely go hand in hand. Employees are hindered by strict security procedures, and distracted by clunky processes - resulting in increased security risk in the long term.
4. Insufficiently usable as evidence email: Compliance and data protection legislation, including the eIDAS, requires a legal proof of delivery (ticket in eIDAS) of email exchange. For many applications, this proof must contain details concerning the authentication of the sender and receiver, as well as information about the transaction between servers. Regular email lacks this level of detail.
Combining the power of Microsoft Purview and Zivver for better information security and data leak prevention
Thousands of organizations use Microsoft 365 supplemented with Zivver to make it easier to secure information appropriately, prevent data leaks, and address the above challenges. Until now, Zivver and Microsoft solutions existed side by side. There is an increasing need for organizations to combine sensitivity labeling in Microsoft Purview with Zivver's email security and data leak prevention functionality.
A new integration between Microsoft and Zivver meets this need, and greatly expands the options around email security and data breach prevention that customers can link to a label. The combination of Microsoft Purview and Zivver enables the following features:
- Sensitivity labels in Microsoft Purview can be transferred to Zivver, meaning labels can be assigned and used consistently in both solutions.
- Information with specific sensitivity labels is delivered with proper security and authentication of recipients, in accordance with policies, laws, and standards (such as the NTA 7516).
- Sensitive information sent through Zivver is secured by default with zero-knowledge encryption meaning only the sender and their recipient has access to the decryption keys.
- Recipients outside the Microsoft ecosystem benefit from a smart and user-friendly experience when reading, replying, downloading, or forwarding authenticated emails.
- Zivver recognizes when information labeled as sensitive has not been previously sent to a recipient and alerts the sender to take action if necessary.
- Users can request a delivery or receipt for secure emails, including from Outlook - providing the level of detail required to meet compliance (including the eIDAS).
- Users can withdraw messages from every authenticated email, including Outlook, with insight into the read status, also in the Microsoft ecosystem and with multiple recipients.
How does the integration work?
Organizations can define their labels in Microsoft Purview and assign them automatically or manually to emails and files. Zivver reads the labels and automatically applies the appropriate security levels, including encryption and multi-factor authentication. Based on these labels, Zivver also recognizes potential errors (such as a misaddressed email).
"Microsoft and Zivver work better together! Microsoft Purview’s solutions and Zivver’s integration empowers users to work in a secure and, most importantly, compliant way. At Zivver, we strongly believe in the role of smart technology in enhancing existing workflows and platforms. Thousands of Microsoft customers have already implemented Microsoft Purview Information Protection solutions, and also work with Zivver to ensure the highest and easiest way of securing digital communications. With this collaboration Microsoft and Zivver are integrating Microsoft Purview solutions with Zivver secure email. This new integration brings the worlds of information protection and secure communication together, ensuring that sensitive data is shared only in accordance with the security requirements of the organization.”- Rick Goud, CIO Zivver
The integration is also useful for organizations that are yet to implement automatic labelling in Purview. During the transition, users have the ability to secure outbound emails via Zivver's out-of-the-box business rules, powered by smart machine learning. Zivver will also enable users to automatically put the correct Purview label on an email or document. This means organizations can get a jump start on the implementation of labelling with Purview.
Users of Zivver's Outlook integration (desktop and cloud) benefit from a supremely user-friendly experience through in-the-moment notifications regarding how best to secure the contents of their email, as well helping them to avoid errors such as misdirected emails. Zivver's integration with M365 Purview also works with Zivver's server-side Smart Relay solution, which can be used for every mail client (Apple Mail, Thunderbird, Outlook for Mac).
Integration between Zivver and M365 Purview will be available in early 2023.
To find out more, contact your account executive at Microsoft or Zivver or email email@example.com.
Last updated - 19/12/22