“I've not only gained insight into all the communications in my organization, but also oversight – catching unencrypted emails, catching phishing emails that made it past the spam filter, knowing who our highest risk personnel are, catching social engineering attacks, and more.”
– Director of IT & Security of a Healthcare Company
Security teams cannot protect what they can’t measure, and they can’t measure what they can’t see. This is why, when it comes to protecting against data loss and other threats, visibility is critical. The challenge may be no greater than in healthcare, where the business communication infrastructure can be vast and distributed.
A large healthcare company came to SafeGuard seeking to improve its security posture. They were managing inflows of sensitive data from multiple partner organizations and hadn’t yet adapted to the reality that traditional email security cannot detect all communication-based risks.
We identified their core issue: a lack of visibility into their Teams instance. Read on to discover how cross-channel coverage radically improved their security posture and gave them peace of mind.
The Challenge: Understanding the Risks of a Teams Instance
Like many large organizations, this healthcare company operated a large and highly active Teams instance. However, it turned out to be even larger than they realized.
Once our audit was complete, we determined that 30% of their business communications occurred in Teams. Despite this, they had no platform or tool in place that was tailor-made to protect Teams from threats.
Moreover, an average of 27,400 attachments came in almost every month, while 9,500 attachments were outbound. These numbers quantify the continuous stream of risk to the company and the potential avenues for data exfiltration and/or IP loss.
Through further analysis, we established more key facts, including:
-
An understanding of how PHI (protected health information) was leaking
-
Clarity on which employee groups engage in riskier behavior for tailored training
The Solution: Closing the Gaps and Improving Security Posture
The SafeGuard Cyber platform’s machine-learning-powered security engine enabled the company to start rapidly flagging, quarantining, and responding to threats. By implementing the SafeGuard Cyber platform, the healthcare company was able to implement:
-
The flagging of phishing emails that evaded native M365 controls
-
The closing of critical gaps, securing their investment in Microsoft infrastructure
-
Rapid deployment to cloud email and Teams environments via APIs
-
Visibility into (and measurement of) risks for all business communication channels in one centralized location
-
Robust data loss prevention (DLP) for PHI/PII
-
Visibility into conduct violations that expose the organization to regulatory and workplace risks
Deploying the SafeGuard Cyber platform was API-first and agentless, making it a very light lift for the internal IT department.
Rapid Deployment of Enhanced Visibility Saves the Day
With cloud-based solutions like Microsoft Teams evading traditional email security, the need for new secure communication solutions has grown exponentially. The good news is that access to APIs has made the rapid deployment of these services possible.
For the healthcare company in question, leveraging a cybersecurity platform with contextual analysis and Natural Language Understanding (NLU) capabilities allowed their security teams to have complete visibility into their business communication channels. With this expanded visibility, they can now measure and detect potential risks associated with data loss prevention, PHI/PII violations, conduct violations, and evasions of traditional email security.
As the company’s Director of IT and Security put it:
“I've not only gained insight into all the communications in my organization, but also oversight – catching unencrypted emails, catching phishing emails that made it past the spam filter, knowing who our highest risk personnel are, catching social engineering attacks, and more.”
By improving security posture and gaining visibility into their business communications, the company can keep an all-seeing eye on potential threats and manage them from one central hub, with no risks left unseen.
If you want to experience an API-first, agentless deployment of cybersecurity with cross-channel coverage, feel free to contact us here. Find out how you can also go about improving security posture for your company and gaining visibility into your business communications.
If you are interested in learning more about the SafeGuard Cyber solution, you can take a quick 5-minute tour.