TL;DR: What is Strac and How Does it Help with Office 365 DLP?
- Customers sending personal information via email can lead to data breaches and insider threats.
- Strac Office 365 App is a DLP tool that identifies and redacts sensitive emails.
- The app can mask sensitive emails and prevent forwarding to unauthorized external addresses.
- Companies can specify sensitive data components for the app to conceal and obtain reports on message access.
- Strac's collection of sensitive data components can be found at the provided link.
- See our video demo below to learn about Strac Office 365 DLP and how Strac redaction works
The Challenge of Protecting Sensitive Data in Office 365
Customers send emails that contain customer’s personal information (PII or PHI) to employees in order to get some business activity done.
- Data Breaches: $1.9B loss due to Business Email Compromise (BEC) reported to FBI in 2020 and 45k cases of personal data breach reported to FBI in 2020.
- Insider Threats: Verizon's 2021 Breach Investigation Report states that the Healthcare and Finance industries experience the most incidents involving employees misusing their access privileges and suffer the most from lost or stolen assets. Employees accidentally or maliciously share emails or attachments to external email addresses (outside the organization).
- Compliance: Each state has come up with its own privacy and security laws to protect customer data in the recent past. What started with GDPR in the EU in 2016 translated to CCPA in CA and most recently New York, Virginia also passed their privacy acts.
How Strac's Features Address Office 365 DLP Concerns
Strac Office 365 App is a Data Loss Prevention (DLP) tool that has the capability to identify and redact sensitive emails.
- The Strac Office 365 App is capable of identifying sensitive emails. By activating this app, you can obtain reports on sensitive emails that have been shared.
- The Strac Office 365 App masks sensitive emails, though it still permits authorized users to access those emails via the Strac UI Vault.
- When properly set up, the Strac Office 365 App can hinder the forwarding of emails to unauthorized external addresses. You can create a process to manage emails being sent to external addresses. For instance, an email or attachment can be sent only with the approval of the owner. If the owner disapproves, the email will not be dispatched to the external recipient.
- Companies have the ability to specify a roster of sensitive data components (such as Social Security Numbers, Dates of Birth, Driver's Licenses, Passports, Credit Card Numbers, Debit Cards, API Keys, and so forth) for the Strac Office 365 App to conceal. Reports detailing which messages were accessed by whom can be made available to Compliance, Risk, and Security personnel.
Take a look at Strac's collection of sensitive data components that are automatically identified and obscured (masked) by Strac. You can find more information at this link