Maximizing your existing investment in Data Loss Prevention (DLP)

icons-cirius green53

Part one of two: Questions you should ask about encryption

Protecting your enterprise against data loss is a critical step toward creating a secure communications environment. It’s also a substantial investment in time, money and resources. Getting the greatest return on your IT investment in data loss prevention (DLP) means making the most out of the time you’ve spent establishing your DLP security rules and policies. Email encryption plays an important role in the security ecosystem and many DLP engines are equipped with encryption or offer it as an add-on. Whether it makes sense to use the encryption that comes with your existing DLP engine or to find another way depends on a few factors.

The questions you should ask yourself when considering an encryption solution are as follows:

  • Is the encryption key-based? Key-based encryption architecture is built in such a way that only the receiver can decrypt messages with their portion of the “security key” for each encrypted message. This means that compliance departments, which need to be able to review encrypted messages, have no way of decrypting them to do so. If regulatory compliance is a factor, you need to question the efficacy of any encryption solution that uses this architecture.
  • What about archiving your encrypted messages to ensure seamless and full internal information management and support for electronic-discovery or “e-discovery”?

Just like above, key-based architecture means messages cannot be easily decrypted and indexed in an archiving solution for search and review at a later date. Without e-discovery capabilities, many organizations will not be able to comply with industry or government regulations should there be a need for disclosure of information.

  • How about customers or partners who have concerns about spam and security when replying to an encrypted message from an unfamiliar company or service?

When you send an encrypted email to someone, you want that receiver to know exactly who’s sending it. Often add-on encryption products carry the brand of the technology provider and not that of your company. It may seem like a small thing, but ensuring a seamless user and brand experience when it comes to security is important because it helps to build your business’ reputation of trust.

Stay tuned for the second part of this post where we will outline features and functionality you should look for in an encryption solution.

LinkedIn