The ultimate guide for secure communications.

The convenience and speed of exchanging data via email are unparalleled. Businesses, in particular, have grown increasingly dependent on it. Nevertheless, the benefits of email come with a trade-off, information security. The vast majority of data leaks happen while emailing and file sharing. Contrary to what most people believe, the main offender is an innocent and well-intended individual who commits an error such as misspelling an email address. The topics on this page cover specific points of interest that all businesses should address, implement, and enforce to avoid data leaks due to digital communications and its consequences.   

Sending personal data and sensitive information via email

IT managers and CISOs face a serious challenge when it comes to sending sensitive information and private data via email; how to avoid it from ending up on the wrong hands? Prevention is imperative since If it happens, it could potentially put into motion a series of unfortunate events such as:

• Data Leaks
• Reputational damage
• GDPR violation fines
• Legal & Financial repercussions.

Causes of data leaks

It's widely reported that over 60% of data leaks are caused by unintentional human error while communicating digitally. For IT manager/CISOs this represents a serious challenge such as; How to monitor the staff email activities? How to train employees on safety best practices? How to efficiently avoid human error from happening?

The leading causes of data leaks are:

• Misaddressed emails.
• Disclosure of information to the wrong person upon request
• Adding recipients to the CC field instead of the BCC field
• Loss of storage hardware
• Hacking and cyber-attacks

Why use secure email for data leak prevention?

Secure email platforms are the best solution for data leak prevention due to human error. It employs strong encryption and two-factor authentication to decrypt messages. It monitors in real-time the recipients and content of the email and alerts if security issues arise. It also allows for email retracting in case an error is detected after sending the email. Besides data leak prevention, secure email platforms educate employees regarding data protection best practices. It also keeps your organization out of the GDPR radar.

The GDPR is designed to allow individuals to control their private data more effectively. These updated regulations also enable companies to make the most of the opportunities of digital markets by improving the public trust and harmonizing data protection standards across Europe. The regulation came into force on 25th May 2018.

What is the GDPR? In simple terms, it:

• Applies to personal data — any data that relates to or can be used to identify a person in any way
• Controls what can be done with personal information
• Requires that consent is given or there is a good reason to process or store personal information.
• Gives a person a right to know what information is held about them.
• Allows a person to request information about them is erased and that they are ‘forgotten’ — unless there is a reason not to do this — e.g., a loan account.
• Makes sure that personal information is appropriately protected. New systems must have protection designed into them (Privacy by Design). Access to data is strictly controlled and only given when required (Privacy by Default).
• If data is lost, stolen, or is accessed without authorization, the authorities must be notified. Possibly the individuals whose information has been accessed may need to be notified as well.
• Data cannot be used for anything other than the reason given at the time of collection.
• Data is securely deleted after it is no longer needed.
• Allows national authorities to impose fines on companies breaching the regulation. These fines can be up to €20 million or 4% of the business's global turnover — whichever is higher.