Securing Data in Cloud Email and Messaging Applications

By Neeraj Nayak, Senior Manager, Product Marketing at CipherCloud


In April ’20 Google reported that, in a week’s time, it saw over 18 million daily malware and phishing emails related to COVID-19 sent through Gmail. The numbers are not surprising. Even before the pandemic hit us, emails continued to be the number one threat vector in cybersecurity:

  • 94% of malware get delivered through emails (Verizon Data Breach Incidents Report, 2019)
  • 48% of malicious email attachments are Office files (Symantec Internet Security Threat Report, 2019)

And the current adoption of work-from-home policies across industries, where employees connect to their work through home networks and collaborate over multiple SaaS apps that go beyond the enterprise perimeters, has created unprecedented opportunities for cybercriminals to exploit the security vulnerabilities and trigger a data breach.

When it comes to email information protection, the bad actors can be both internal and external. One out of every third organization rates employee carelessness as a serious vulnerability when it comes to addressing the email threat vector. Imagine sending a confidential email to John Doe, the client instead of John Doe, the colleague. In the wake of stringent data privacy and protection laws, such as GDPR, CCPA, HIPAA etc., these leaks can get extremely damaging to the reputation of an organization.

While there are many solutions in the market that focus on preventing phishing attacks and malware, one area which has lacked the attention of industries is preventing data loss through emails. How do you prevent fat-finger errors? How do you enable real-time detection and prevention of email forwards to external groups? How do you apply your SaaS security policies to cloud-based emails? In today’s digital age, data is your crown jewel and email data protection has to be the focal point of your cybersecurity strategy.

Cloud Security Access Brokers (CASB) have been the preferred option for businesses for securing SaaS applications. While many CASBs do an excellent job in scanning and protecting the data in motion and at rest in the cloud, they lack the security controls when it comes to getting visibility into email data. The need of the hour is a centralized defense mechanism across all SaaS apps – CRM, HRM, ISTM, Collaboration, and Email, without creating any unnecessary friction to the users.

To enable businesses to protect their data across Salesforce, Slack, Office 365, G Suite, and all other clouds, CipherCloud has introduced the industry’s first email information protection solution as part of its CASB offering.

“CipherCloud is one of the few vendors that also extends its CASB functionality to email in Office 365 and G Suite, potentially making CipherCloud attractive to customers interested in a single vendor for SaaS governance and email security.” – Gartner Magic Quadrant Report for CASB, 2019

CipherCloud’s Secure Email Gateway solution integrates directly with your preferred email client and retains the same DLP policy creation and remediation workflow associated with other SaaS apps. The dedicated Secure Email Gateway offers deep visibility over corporate email usage and performs malware checks. The inline email DLPs perform real-time scanning of the email body, subject, and attachments for sensitive content and take necessary remediation actions, such as data masking, encryption, redacting, etc., before email delivery. The DLPs also keep a check on the recipient’s email addresses to prevent accidental email forwards or sharing with external collaborators.


Email Information Protection

Fig. Inline DLP Policy for Office 365 Email

For more information on CipherCloud’s Email Information Protection, visit

The post Securing Data in Cloud Email and Messaging Applications appeared first on CipherCloud.

*** This is a Security Bloggers Network syndicated blog from CipherCloud authored by CipherCloud. Read the original post at:

Cloud Workload Resilience PulseMeter

Step 1 of 8

How do you define cloud resiliency for cloud workloads? (Select 3)(Required)