{"id":40920,"date":"2020-05-27T14:36:44","date_gmt":"2020-05-27T14:36:44","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=72698b1792acd89c4e7de700422a409c"},"modified":"2020-05-27T14:36:44","modified_gmt":"2020-05-27T14:36:44","slug":"safesend-email-security-for-outlook-review-a-great-solution-for-security-conscious-smbs","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/safesend-email-security-for-outlook-review-a-great-solution-for-security-conscious-smbs\/","title":{"rendered":"SafeSend Email Security for Outlook review: A great solution for security-conscious SMBs"},"content":{"rendered":"


\n Dave Mitchell<\/a><\/span>
\n <\/span><\/p>\n

\n
\n
28 May, 2020<\/span><\/div>\n<\/p><\/div>\n<\/div>\n

\nAn invaluable last line of defence against Outlook email disasters that\u2019s easy to deploy and manage<\/p>\n

\n <\/p>\n
\n <\/div>\n<\/p><\/div>\n
\n
Price <\/div>\n
\n
\u00a324 exc VAT per user, per year<\/div>\n<\/p><\/div>\n<\/div>\n
\n

\u200b<\/span>We\u2019ve all experienced that sinking feeling after accidentally sending an email to the wrong recipient. If it\u2019s an internal message, you may still be able to recall it \u2013 but if it\u2019s gone to someone outside of your company there may be nothing you can do. At best, it\u2019s an embarrassment; at worst, if your message contained confidential or personal information, you could be looking at a hefty fine<\/a>.<\/p>\n

SafeSend Email Security is a small add-in for Outlook<\/a> that\u2019s designed to eliminate that risk. It achieves this partly by requiring users to review all external email recipients and confirm that they\u2019re correct before the message can be released.\u00a0<\/p>\n

There\u2019s a lot more than this to the software, however. It also provides extensive data loss prevention (DLP) services<\/a>, allowing you to scan email subjects, message contents and attachments for specific keywords and patterns. If a match is found, the software can request confirmation before sending or even block transmission altogether.<\/p>\n

Deployment is a cinch. The add-in can either be installed manually or distributed and managed centrally using a group policy. It works with all versions of Outlook from 2007 upwards, and there\u2019s also a web version for Outlook 365 and OWA. We had no problems using a GPO to distribute the MSI package to the Windows clients in our lab: once they had logged into the domain and been authenticated, the add-in was silently deployed without the need for any user interaction.<\/p>\n

Training requirements are minimal. Users just need to be advised that the first time they load Outlook, SafeSend will pop up a message to confirm their internal email domain. Once this is done, any attempt to send a message outside of the organisation will bring up a confirmation prompt.<\/p>\n

That might sound a little intrusive, but the dialog is clean and simple, showing all the email\u2019s recipients (including those in the \u201cCc:\u201d field) with a tickbox next to each one. If something\u2019s not right, you can remove any unwanted recipients before sending, or reopen the message for further editing.<\/p>\n

\n
\"\" <\/div>\n<\/div>\n

Central management is just as easy. SafeSend provides ADMX\/ADML files for deployment on your domain controller; with these copied across to the PolicyDefinations folder on our Active Directory server, we were able to create a customised SafeSend GPO for all authenticated users.<\/p>\n

This process can be a little time-consuming, but that\u2019s only because the SafeSend GPO has over 150 options to configure. Some of these are simple controls, such as preventing users from removing SafeSend, adding extra safe domains and deciding whether to enable the \u201cSelect All\u201d tickbox. More advanced options let you do things such as limiting the number of message recipients, detecting bulk emails and adding custom footer messages.<\/p>\n

In addition, you can, of course, customise SafeSend\u2019s DLP policies. These are extremely versatile as you can create multiple rules to detect specific strings, credit card numbers and even regular expressions. To ensure nothing slips through the net, SafeSend scans not only the text of outgoing emails but also attachments in various formats, including PDFs, Office attachments and ZIP archives.<\/p>\n

If a user\u2019s email triggers one of your DLP rules, they\u2019ll be presented with details of the sensitive content and the detection rules that it triggered. You can set a custom action for each rule, so for some types of data you could require explicit confirmation from the sender, while other content might be completely blocked.<\/p>\n

SafeSend also gives you the option of adding X-headers to emails. These can be used to trigger encryption using a separate security product such as Mimecast<\/a> and Proofpoint \u2013 or you can use X-headers in conjunction with Exchange transport rules to verify that users have SafeSend installed.\u00a0<\/p>\n

We found SafeSend simple to roll out and refreshingly easy to manage. In these days when an accidental data breach can expose you to steep fines, every SMB ought to be concerned about email security \u2013 and this add-in is a great solution. <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Dave Mitchell<\/p>\n

28 May, 2020
\nAn invaluable last line of defence against Outlook email disasters that\u2019s easy to deploy and manage<\/p>\n

Price <\/p>\n

\u00a324 exc VAT per user, per year
\n \u200bWe\u2019ve a…<\/p>\n","protected":false},"author":405,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-40920","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/40920","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/405"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=40920"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/40920\/revisions"}],"predecessor-version":[{"id":40921,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/40920\/revisions\/40921"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=40920"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=40920"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=40920"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}