One of the greatest challenges to organizations during the pandemic has been communications. When we send everyone home and the impromptu hallway meetings stop, what paths does information find to rebuild itself?
As we've come to find, the resilience of corporate communication is akin to the flowing of a river. It will find the path of least resistance and move forward. Often, this comes in the form of email forwarding from the organization to personal email accounts.
What does that mean? You likely have no idea where corporate information is ending up.
Before the pandemic, Critical Path Security worked very closely with the Léargas Security team to visualize very specific information from the Azure and Office 365 platforms. In particular, email forwarding.
Who's doing it? Why are they doing it? Why should you care?
- Your users may see this as a convenience. Unfortunately, you have no tracking capabilities of communication(s) after it leaves the organization.
- Your users aren't aware of the continual breaches of public email services. Multiple provides, including Yahoo, have had email accounts breached for years without notifying their users.
- The data your employees are forwarding isn't considered to them as "sensitive". However, a global forwarding policy doesn't take sensitivity into account.
- Your users aren't aware that all responses to corporate correspondence will not originate from their personal addresses. The entire flow of communication has now changed.
- Unfortunately, an individual's views and behaviors don't often align with the organization. However, a new liability has been introduced as organizational messages are tied to personal decisions. Combined with the previous point, this opens the organization up to issues with eDiscovery where certain things may have been emailed that you are now under obligation to produce. Unfortunately, you don't have direct access to those documents.
What are we doing about it? We are providing the alerting and visibility you need to stop email forwarding when it happens.
Additionally, we work with organizations to develop proper administrative and technical controls to block it from happening, at all.
So, it’s 9 AM, do you know where your data is?
Ready to find out more?
Reach out today!