The Bedel Security Blog

Controlling Sensitive Files Outside Your Institution

Written by Brian Petzold | Apr 24, 2020

When your institution needs to send a sensitive file to an outside party, how do you control what happens to that file? If you are like many, you may email it to them utilizing one of many email encryption products.  If you are a little more sophisticated, you might make the file available in a secure portal or a secure FTP server.

Both of these methods are effective at making sure that the file gets to its intended recipient securely, but what happens after that? What steps do you take to make sure the outside party does not share the file with others, upload the file to a public site, or that the data in that file is secure if the outside party suffers a breach? Up until recently, there has not really been an easy option to protect files once they leave your network. That is starting to change now thanks to new features being added to Microsoft Office 365 (O365).

In early 2020, Microsoft released some new enhancements to their O365 Message Encryption (OME) platform that allow a company to control what an outside party can do with an email and its contents once they receive it. Using these new features, an institution can now retain control of what outside parties can do with sensitive email messages, including the Word, Excel, PowerPoint, and PDF attachments within those messages. Some highlights of these new capabilities include:

  • Encryption of the email message;
  • Independent encryption of the attachments included in the email message;
  • Restrict recipients from forwarding, printing, or copying protected email messages;
  • Restrict recipients from forwarding, printing, copying, or exporting data from encrypted attachments;
  • All saved versions of an encrypted attachment inherit the encryption and restrictions of the original copy;
  • Anyone who receives a copy of the encrypted attachment will need to authenticate themselves as someone who has been granted access before the attachment can be opened;
  • A full audit trail of all activity performed on protected attachments, even after the attachment leaves your institution.

The best part of these new features is that the recipient can be on any email system for these controls to be effective, and Microsoft has streamlined the authentication process to remove most of the inconvenience that these types of controls can often add.

These new capabilities provide the ability for institutions to truly control their sensitive files even after they are sent outside the systems of the institution. It demonstrates how placing an institution in the cloud with O365 can increase the overall security of an institution. Institutions that are already on O365 today can likely implement everything listed above today and are encouraged to discuss implementation with their Microsoft Business Partner.

We help financial institutions across the United States find ways to reduce their cybersecurity risk. If your institution needs help in this area send us an email at support@bedelsecurity.com or give us a call at 833-297-7681.

 

Other Resources:

Remote Access Risk Assessment
https://www.bedelsecurity.com/lp-remoteriskassessment 

Top 5 Ways Cybercriminals are Exploiting COVID-19
https://www.bedelsecurity.com/blog/top-5-ways-cybercriminals-are-exploiting-covid-19

It's a Bad Time for a Cyber Breach
https://www.bedelsecurity.com/blog/its-a-bad-time-for-a-cyber-breach

Remote Work Security
https://www.bedelsecurity.com/blog/remote-work-security

Update: What We're Seeing From the COVID-19 Pandemic Planning Front
https://www.bedelsecurity.com/blog/update-what-were-seeing-from-the-covid-19-pandemic-planning-front
View full post