Rarely are things ever clear-cut. Just ask someone who’s planned their wedding reception seating. If Aunt Becky sits next to Cousin Fred’s spouse, there could be tension, and if Jim is seated too close to the snack table an allergic reaction might ensue. “If this then that” scenarios are complex and can be downright irritating.
Setting policies for your email security evokes the same feelings. If Jean from human resources can send payroll information internally, is it acceptable for her to send it externally? Not every organization has the same employee and vendor structures. This creates complexities when establishing granular policy controls for email security. Rigid policies lack the internal knowledge of an organization's complexities and can even slow productivity. For example, if a bank decided to block all personally identifiable information (PII) through its secure email gateway (SEG) to stay GDPR compliant, it may block legitimate traffic. There are nearly a thousand other exceptions that make a case for why policy development and deployment cannot be a standard one-size-fits-all practice.
Why Do We Have Granular Policies?
There are many ways data can fall into the wrong hands. Even the simplest phishing scam can lead someone to send data without authorization. The goal of email security solutions should always be to protect the organization's data.
A common misconception is that sensitive data is only a concern when it leaves the organization. This is simply false. Emails containing sensitive information can also make their way into the organization, resulting in a breach of compliance. Or payroll information shared internally through email may be mistakenly sent to the wrong employee. Granular policies need to account for outgoing, incoming, and internal emails.
Creating a Granular Policy
Once the organization’s data is identified and understood, the granular policy needs to be created. Compliance regulations may dictate that sensitive data such as PII and payment details are safeguarded from unauthorized disclosure. A solution that can detect and remove unauthorized sensitive data from emails, and automatically encrypt any authorized data, will protect employees and the organization if sensitive data is incorrectly sent or received.
Organizations need to answer the following to create granular controls:
- Who should have access to the content?
- How should they access the content?
- Where can they access it (proper IP addresses)?
- When can they access it?
These questions may not always apply; as stated in the beginning, every organization is different. But ask these questions for every employee and supply chain contact, and things get complex very quickly.
Complete Granular Control
Not all email solutions offer the same granular policy controls. Clearswift Secure Email Gateway offers unprecedented flexibility and granularity in policy deployment and control. Because it is extremely configurable, Clearswift allows organizations to apply very granular policies to data. Clearswift SEG has a variety of controls, such as, but not limited to, data loss prevention, threat protection, content and/or connection-based controls, as well as encryption using its proprietary award-winning deep content inspection engine.
“The granular levels of control were appealing,” explained Vishakh Lakshmikanth, Head of Cloud Engineering at Mercury Financial. “Clearswift allows us to apply nimble, yet impactful policies that internal and external constituents benefit from when it comes to sharing files across teams or with vendors.”
When used as a Simple Mail Transfer Protocol (SMTP) relay solution, Clearswift SEG can apply similar controls to on-premises or cloud-based applications requiring the use of a message transfer agent (MTA). The SEG can enforce custom content or connection-oriented controls complying with the organization’s requirements. As an example, an organization may want to deploy a custom SMTP-authentication profile as well as strict threat protection controls without SPF confirmation for a cloud-based application not managed by the organization. However, for internally managed applications, a separate SMTP authentication profile may be required or an encryption configuration needed for the sensitive messages sent by payment applications.
Clearswift SEG is an email solution that doesn't get in the way of your organization's productivity while also providing you granularity as unique as your organization.