May 19, 2020

VIPRE SafeSend advice: think before you click

Technology
Cybersecurity
VIPRE
Andrea Babbs, UK General Manag...
6 min
VIPRE SafeSend advice: think before you click

Andrea Babbs, UK General Manager VIPRE SafeSend, discusses how by being alerted of potential mistakes, users can make informed decisions before clicking send - reducing the risk of human error. Adding a simple second check when sending an email will minimise errors, keep personal and sensitive data more protected and help to create a better email culture

Think before you click

From regulatory compliance to safeguarding Intellectual Property (IP), companies are increasingly concerned about the risk of inadvertent data loss as a result of employee mistakes. And for good reason: with so much communication reliant upon email, human error is now the primary cause of data breaches. Indeed, growing numbers of organisations have introduced a ‘one strike’ policy; accidentally sending an email to the wrong person, or adding an incorrect attachment, has become a sackable offence.

While understandable, to a degree, this is hardly a supportive strategy. Humans make mistakes – and stressed, tired employees will make even more mistakes. Adding the pressure of losing your job, is potentially counterproductive. Employees already spend almost two days of each working week reading, deleting, responding to and creating emails – what they need is a way to avoid mistakes, a chance to check before they send.  Andrea Babbs, Head of Sales, VIPRE SafeSend, explains how a simple second check for users will help to keep personal and sensitive data more protected with a layered approach.

Employee Threat

Business reliance on email is creating a very significant cyber security risk – and not simply due to the increasing volume and sophistication of phishing attacks. Email is the number one threat vector in organisations and the cause of nearly all data breaches, as confirmed by the Identity Theft Resource Center. It will come as no surprise to those who have experienced the stress and fear of mistakenly sending an email to the wrong person, or adding the wrong attachment, that the Center’s March 2019 breach report[i] cited employee error as the number one cause of data breach or leakage.

Given the sheer volume of email, mistakes are inevitable. According to McKinsey, the average worker today spends nearly a third%u2028 of their working week on email[ii]. Employees are increasingly trusted with company-sensitive information, assets, and intellectual property. Many are permitted to make financial transactions – often without requiring any further approval.  Given the data protection requirements now in place, not only GDPR but also industry specific regulation as well as internal compliance, organisations clearly require robust processes to mitigate the risk of inadvertent data loss.

But is a strategy that simply imposes stringent penalties – including dismissal – on employees for mis-sent emails without providing any form of support going to foster a positive culture? What employees require is a way to better manage email, with a chance for potential mistakes to be flagged before an individual hits send.

3. Imposing Control

While businesses now recognise that any employee, at any time, is a cyber security threat, few recognise that there is a solution that can add a layer of employee security awareness. Businesses can help employees avoid simple mistakes, such as misaddressed emails, by providing a simple safety check. Essentially, before any email in Microsoft Outlook is sent, the user gets a chance to confirm both the identity of the addressee(s) and, if relevant, any attachments. Certain domains – such as the company and/or parent company – can be added to an allow list, if the business is happy for users to email internally without checking. Or the solution can be deployed on a department by department, even user by user basis.  A business may not want HR to be able to mistakenly send sensitive personal information to anyone internally and therefore require a confirmation for all emails. Similarly with financial data, even marketing data at certain times – such as in the run up to a highly sensitive new product launch.

In addition to confirming the validity of email addresses and attachment(s), the technology can also check for key words within the email. Each business will have its own requirements – in addition to common terms such as confidential or private, or regular expressions to cover broader terms such as credit card numbers or National Insurance numbers, a company may opt to set key product ingredient names as key words to prevent data loss. Any emails – including attachments – containing these key words will be flagged, requiring an additional confirmation before they are sent, and providing users a chance to double check whether the data should be shared with the recipient(s).

SEE MORE: 

 

4. Reinforcing Good Practice

This simple chance to check before you send provides an essential opportunity to minimise accidental data loss, whilst reinforcing compliance credentials. Accidentally CCing a customer rather than the similarly named colleague will be avoided because the customer’s domain name will not be on the allow list and therefore automatically highlighted. Appending a confidential marketing document to an email, rather than a product list, will be flagged. And with a full audit trail, the IT security team has full visibility of the emailing decisions made by employees.

This is key: rather than an overtly punitive approach, companies can reinforce a security culture, building on education and training with a valuable tool that helps individuals avoid the common email mistakes that are inevitable when people are rushing, tired or stressed. It provides an essential ‘pause’ moment, enabling individuals to feel confident that emails have been sent to the right people and with the right attachments.

Indeed, in addition to providing a vital protection against email mistakes, this approach can also help users spot phishing attacks – such as the email that purports to come from inside the company, but actually has a cleverly disguised similar domain name. If an employee responds to an email from V1PRE, for example, as opposed to VIPRE, thinking it genuinely comes from inside the business, the technology will automatically flag that email when it identifies that it is not an allowed domain, enabling the user to cancel send and avoid falling for the phishing attack.

Conclusion

Accidental data leakage is a significant yet apparently inevitable risk when business communication is so reliant upon email – with serious implications of reputational damage, IP loss, compliance breach and the associated financial costs. When it comes to minimising such errors, user education is important. Email culture is essential. But there is only so much humans can do.

Providing a technology that alerts users when they are potentially about to make a mistake – either by sending an email to the wrong person or sharing potentially sensitive information about the organisation, its customers or employees – not only minimises errors, it helps to create a better email culture.  The premise is not to add time or delay in the day to day management of email; it is about fostering an attitude of awareness and care in an area where a mistake is easily made.

By enabling users to make an informed decision about the nature and legitimacy of their email before acting on it, organisations can now mitigate against this high risk area, while reinforcing compliance credentials.

For more information on all business in Europe, please take a look at the latest edition of Business Chief Europe

Follow us on LinkedIn and Twitter.

Share article

May 28, 2021

Automation of repetitive tasks leads to higher value work

Automation
UiPath
technology
repetitivetasks
Kate Birch
4 min
As a new report reveals most office workers are crushed by repetitive tasks, we talk the value of automation with UiPath’s MD of Northern Europe, Gavin Mee

Two-thirds of global office workers feel they are constantly doing the same tasks over and over again. That’s according to a new study (2021 Office Worker Survey) from automation software company UiPath.

Whether emailing, inputting data, or scheduling calls and meetings, the majority of those surveyed said they waste on average four and a half hours a week on time-consuming tasks that they think could be automated.

Not only is the undertaking of such repetitious and mundane tasks a waste of time for employees, and therefore for businesses, but it can also have a negative impact on employees’ motivation and productivity. And the research backs this up with more than half (58%) of those surveyed saying that undertaking such repetitive tasks doesn’t allow them to be as creative as they’d like to be.

When repetitive, unrewarding tasks are handled by people, it takes time and this can cause delays and reduce both employee and customer satisfaction,” Gavin Mee, Managing Director of UiPath Northern Europe tells Business Chief. “Repetitive tasks can also be tedious, which often leads to stress and an increased likelihood to leave a job.”

And these tasks exist at all levels within an organisation, right up to executive level, where there are “small daily tasks that can be automated, such as scheduling, logging onto systems and creating reports”, adds Mee.

Automation can free employees to focus on higher value work

By automating some or all of these repetitive tasks, employees at whatever level of the organisation are freed up to focus on meaningful work that is creative, collaborative and strategic, something that will not only help them feel more engaged, but also benefit the organisation.

“Automation can free people to do more engaging, rewarding and higher value work,” says Mee, highlighting that 68% of global workers believe automation will make them more productive and 60% of executives agree that automation will enable people to focus on more strategic work. “Importantly, 57% of executives also say that automation increases employee engagement, all important factors to achieving business objectives.”

These aren’t the only benefits, however. One of the problems with employees doing some of these repetitive tasks manually is that “people are fallible and make mistakes”, says Mee, whereas automation boosts accuracy and reduces manual errors by 57%, according to Forrester Research. Compliance is also improved, according to 92% of global organisations.

Repetitive tasks that can be automated

Any repetitive process can be automated, Mee explains, from paying invoices to dealing with enquiries, or authorising documents and managing insurance claims. “The process will vary from business to business, but office workers have identified and created software robots to assist with thousands of common tasks they want automated.”

These include inputting data or creating data sets, a time-consuming task that 59% of those surveyed globally said was the task they would most like to automate, with scheduling of calls and meetings (57%) and sending template or reminder emails (60%) also top of the automation list. Far fewer believed, however, that tasks such as liaising with their team or customers could be automated, illustrating the higher value of such tasks.

“By employing software robots to undertake such tasks, they can be handled much more quickly,” adds Mee pointing to OTP Bank Romania, which during the pandemic used an automation to process requests to postpone bank loan instalments. “This reduced the processing time of a single request from 10 minutes to 20 seconds, allowing the bank to cope with a 125% increase in the number of calls received by call centre agents.”

Mee says: “Automation accelerates digital transformation, according to 63% of global executives. It also drives major cost savings and improves business metrics, and because software robots can ramp-up quickly to meet spikes in demand, it improves resilience.

Five business areas that can be automated

Mee outlines five business areas where automation can really make a difference.

  1. Contact centres Whether a customer seeks help online, in-store or with an agent, the entire customer service journey can be automated – from initial interaction to reaching a satisfying outcome
  2. Finance and accounting Automation enables firms to manage tasks such as invoice processing, ensuring accuracy and preventing mistakes
  3. Human resources Automations can be used across the HR team to manage things like payroll, assessing job candidates, and on-boarding
  4. IT IT teams are often swamped in daily activity like on-boarding or off-boarding employees. Deploying virtual machines, provisioning, configuring, and maintaining infrastructure. These tasks are ideal for automation
  5. Legal There are many important administrative tasks undertaken by legal teams that can be automated. Often, legal professionals are creating their own robots to help them manage this work. In legal and compliance processes, that means attorneys and paralegals can respond more quickly to increasing demands from clients and internal stakeholders. Robots don’t store data, and the data they use is encrypted in transit and at rest, which improves risk profiling and compliance.

“To embark on an automation journey, organisations need to create a Centre of Excellence in which technical expertise is fostered,” explains Mee. “This group of experts can begin automating processes quickly to show return on investment and gain buy-in. This effort leads to greater interest from within the organisation, which often kick-starts a strategic focus on embedding automation.”

 

Share article