Data loss occurs every day through corporate email. In fact, given the sheer number of emails an organization sends every day, data loss incidents via email are bound to happen easily and frequently. Common email mistakes include auto-filling the wrong email address, attaching a different file than the one intended, or sending out sensitive data that really shouldn’t be emailed.

Anyone within an organization could potentially cause a data breach, at any time and in a matter of seconds. What’s even more worrying is that employees may not actually realize what they’ve done until after the email has been sent. Unfortunately, it sometimes only takes one such incident to damage a businesses’ reputation and result in loss of customers.

Protecting People against Their Mistakes

A CSO from a large organization recently confessed to me that a substantial part of his time is spent trying to protect users from their own mistakes. This was no surprise to me. When it comes to securing a key business tool such as email, companies should think about educating employees even before deploying any technological net.

Our research found that about 90 percent of data loss incidents are unintentional errors, with no malicious intent. Most of the time, such incidents happen quite innocuously and result from very simple actions, such as an employee sending a file to their personal Web mail account, so they can work on the document from home. Although the employee has good intentions, such practice is often against corporate policy and could turn into a data breach for the company. The majority of data loss is caused by employees’ simple mistakes, with no malicious intent, so why not give them more responsibility to help avoid future leaks?
So, how can businesses efficiently prevent data incidents from happening? Involving individual employees in the corporate security process is the only viable approach to avoid data loss incidents. It is also the only way to turn a DLP solution into a truly preventative tool - as opposed to a reactive tool. For businesses, proactively educating users about the potential security issues that can arise from seemingly innocuous actions, like sending an email and reinforcing their overall DLP awareness, will provide the first and ultimate shield against data breaches.