Perspective: Email Security in 2019
The term ‘email security’ covers a lot of territory, as business email remains one of the most active communication (and file exchange) services in the business world, and also an ongoing vector of attack, unauthorized access and abuse. Email continues to be a primary vector for malware, phishing and ransomware attacks. As such – solutions that address these security risks are top of mind for information security professionals responsible for email security, and prominent features in the horizontal market for Secure Email Gateways (SEG).
Email encryption, as a subset of email security, gets less mindshare due to the comparative risks associated with sensitive data exposure while ‘in motion’. This is mostly non-compliance risk (HIPAA, PCI-DSS, GLBA) vs large-scale data breach or business continuity risk that can arise from other email security risks. It is also a standard feature or service offered by SEG vendors. These vendors and products take a comprehensive approach to addressing a broad range of email security issues. Securing ‘data in motion’ via email encryption is just one capability – and generally not the one that differentiates them in the market, and not the focus of innovation. For some – it’s a checkbox feature at best.
Yet there are segments of the market where the secure exchange of email (and file attachments) is a critical business function that needs innovation. In financial services, insurance, healthcare and related segments of the public sector market – exchanging regulated data, documents and information is part of their high-volume workflows. In these sectors, there is a need for innovation in email encryption implementations, if only to simplify the sender-recipient experience by incorporating trusted security and verifiable compliance into core business processes without adding a lot of cumbersome digital overhead (extra account logins, separate messaging portals, encryption keys, etc).
The analysts at Gartner recently published their Market Guide for Email Security (June 2019) which covers a comprehensive range of email security topics, including email encryption. According to Gartner:
“Email was never designed to be a secure communication medium, and organizations continue to struggle to protect sensitive email content in transit and at rest. …… Although more than 60% of client organizations leverage the DLP and email encryption capabilities of an SEG, there can still be a need for specialist products, particularly for customer-facing use cases in which a frictionless experience is critical.”
As a proof point for this assessment – DataMotion has customers that use a SEG for their broad, horizontal email security needs, and even for ad hoc desktop email encryption and DLP for general business activities (legal, HR). But for high volume business processes that are core to their ‘product’ – delivering healthcare services, processing financial transactions, addressing insurance plan member needs – they prefer a specialized solution that integrates into the applications, UIs and devices that the senders and recipients use. In essence, to fully transform these information transactions into a seamless digital experience for agents and the customers they service, they need something much better than common ad hoc, desktop email encryption delivered by a SEG.
Enter the Email Encryption API
In many cases, enterprise class customers in the aforementioned market segments are looking for a native solution to their secure high-volume messaging and file exchange needs – one that integrates seamlessly through the use of RESTful / web service APIs. They want to consume secure messaging as a service to complete sensitive information exchange transactions from within the apps, portals and enterprise database and management applications (CRMs, CECs, ERPs) their employees, customers and partners are using. As a specialist in APIs for secure messaging, email and file exchange – DataMotion is uniquely positioned to meet this requirement.
DataMotion is pleased to be listed as an Email Data Protection Specialist representative vendor in the Gartner Email Security Market Guide.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.