A company’s HR department sends salary slips to every employee via email. Due to an error, an email containing the salary slip of the CEO gets emailed to a large distribution list. Though the organization had implemented Email Gateway DLP, it doesn’t block the mail because it is being sent by an authorized person to a set of whitelisted email IDs.
If only this organization had Seclore EDRM installed, the HR executive would protect the document with Seclore before sending it; and this fiasco would be avoided. The members of the distribution list wouldn’t be able to open the email even if they received it by mistake.
Thus, with Seclore EDRM technology, security risks arising out of human error can also be mitigated. Seclore EDRM complements your DLP in enhancing the protection against potential internal issues and abuse of privilege by power users and administrators.
This scenario certainly reinforces the importance of a comprehensive solution with a DLP and Seclore EDRM combination. Here are few more cases where Seclore EDRM significantly complements and completes your Data Protection / DLP strategy.
Process dependence: DLP is process-dependent and requires extensive amounts of change management. While Seclore EDRM has limited dependence on processes and any organization can seamlessly “bulk protect” the known or perceived sensitive documents in no time (i.e. applying instant protection to confidential assets/files stored in a central file repository /file server at one go) while the DLP implementation is being planned to close the vulnerability windows.
Ransomware Attacks: Ransomware attacks against enterprises are on the rise. In a particularly dangerous type of ransomware attack, the attacker steals copies of sensitive information and threatens to make it public unless a certain amount is paid as ransom. However, since the files are protected by Seclore EDRM, the attackers (or anybody else) wouldn’t be able to access them at all. Thus, the information inside the file would be absolutely safe and secure.
Authorized Sensitive Information: There are times when crucial information such as contracts, drawings, and financial information has to be shared with Joint Venture Partners, contractors and vendors. DLP policies have to allow these files to go out. However, DLP cannot prevent the accidental or intentional misuse of this information by external parties. Seclore EDRM will ensure that even if the data has been shared with authorised recipients, it is never compromised.
New Leakage Vectors: DLP is policy dependent and policies are typically not dynamic. Sometimes, new sensitive data is created and that hasn’t been identified by DLP yet. This creates a window of vulnerability. The same applies to a new channel of leakage that hasn’t been identified in DLP (hackers keep building and identifying new intrusion channels and new methods). With Seclore EDRM’s focus on the data itself, the channel doesn’t matter.
Policy Dependence: No policy is fool proof. Despite the best intentions and the best possible implementation, sensitive data may still leak out. There will always be new ways to leak out the classified information or new keywords to circumvent DLP policies. Seclore EDRM will plug this loophole since the policies are data centric and do not depend on data content, discovery, or classification.
Information Level Audits: With Seclore EDRM, an organization is always in complete control of its confidential assets. The information owner always knows who is accessing his/her information, what are they doing with it, at what time, and where the activities are being performed.
Seclore EDRM alongside the DLP product of your choice can help you create a complete, comprehensive, and fool-proof data protection strategy for any organization.