Corporate email is the main cause of unauthorized and accidental data leaks, no matter the organization or industry. Employees are constantly sending emails to external parties that may contain sensitive company data, personally identifiable information (PII), trade secrets, and other intellectual property.
When it comes to data exposure via corporate email, reducing risk can be tricky — especially when a company migrates from on-premises email to cloud-hosted email services like Gmail and Microsoft Exchange Online. Relocating email to the cloud often leaves behind legacy support applications like data loss prevention (DLP) for email that are deployed as on-premises hardware appliances. Organizations can try to integrate these local appliances with cloud email services, but it often creates new complexities and inefficiencies.
One large financial services company realized this issue when moving their email service to Microsoft Exchange Online and pairing with the Microsoft Outlook client. To complicate matters, their legacy email security solution from Symantec operated on-premises, making their email workflow far more convoluted. To simplify their network design and assure the efficiency of this new cloud-delivered model, they turned to the secure email gateway (SEG) from Fortra.
The Challenge of Protecting Data in Email With Legacy Tools
This high-profile customer processes high volumes of sensitive data for its financial market customers every day. The data is shared with as many as 5,000 trusted web domains, often through an email exchange with multiple recipients at the same time. To operate effectively, they needed to secure sensitive data without increasing complexity or limiting productivity. But the move to Microsoft Exchange Online with the Microsoft Outlook client came with its own set of challenges.
Message Traffic Backhauling: Clumsy and Inefficient
While a cloud email solution offered many benefits, pairing it with their legacy on-premises email security solution from Symantec proved to be both clumsy and inefficient. All outbound/egress email messages had to travel from Microsoft Exchange Online in the cloud back to a central on- premises data center where security policies were enforced. Only then could the message be sent back through the cloud and onward to the internet. You don’t have to be a network engineer to realize this traffic backhauling approach put a strain on expensive network elements. Extending Symantec’s DLP capabilities also meant purchasing even more on-premises equipment along with the required maintenance contract.
Securing Email Traffic With SEG
Our cloud-native SEG was deployed as an SMTP-based MTA gateway in line with the firm’s outbound/egress cloud-hosted email from Exchange. With the shift to cloud- hosted email, one of the great attractions of SEG was that it eliminated backhauling and dramatically simplified the firm’s network design.