Protecting Against Insider Threat: A Novel Approach | Data Driven Investor

Alex Panagides
5 min readJul 30, 2020

Organizations struggle with insider threats to their data security. Employees planning to leave their jobs are involved in 60% of insider cybersecurity incidents and data leaks, research suggests. Whether intentional or accidental, sensitive content leaked by employees represents a massive challenge. Innovative use of cloud storage may be the best solution yet.

A key concern of corporate cybersecurity is the insider threat of data leakage. Employees can be a source of data leakage for several reasons. The reasons for employee data leakage can be innocent (accidentally sharing sensitive content), malicious (purposely stealing data), and purposeful but not malicious (skirting security in an attempt to get work done). Whatever the motive behind employee data leakage, the most common means of leakage is through email. An email can lead to data leakage when it gets accidentally sent in the wrong direction, sent to a private email account to get around stifling inbox quotas, or sent to a private account just before leaving the company. The organization’s challenge is the inability to accurately and efficiently monitor or control the flow of content through email regardless of employee motive. This article examines a powerful option available to organizations of all sizes to detect and prevent data leakage through email.

“41% of workers may bypass their company’s security policies. 57% say it’s the most efficient way to get work done.” — Dell Workforce Security TAP Report, 2018

The Challenge of Email

Email is a challenging technology for corporate security. It is ubiquitously used, provides no native data security or tracking, and duplicates its content at an alarming rate. [1] A recent study found that email is, by far, the primary means of data exfiltration by “flight-risk” employees.

Email-based data exfiltration accounts for 50% of all exfiltration methods observed. “The exfiltration of data over email continues to be the #1 exfiltration method” — Secureonix. Graph reproduced from the 2020 Securonix Insider Threat Report. Red highlights added to denote email exfiltration methods.

Given that email plays such a central role in data leakage, any effective strategy would focus on this loss vector. Typically DLP (data loss prevention) systems are deployed to scan for sensitive documents. But DLP solutions encumber IT with complex administration and training of content classification rules. Also, DLP solutions offer little recourse after an email is processed.

The Power of Cloud Storage

A powerful addition to traditional DLP solutions has surfaced for protecting email bound data. The rise of business-class cloud storage combined with tools like mxHero can automatically ensure that all email attachments are converted to cloud storage links. There are many benefits to replacing email attachments with cloud storage links, among them, is a simple yet powerful means of containing the loss of data resulting from insider threats. [2]

The implications of replacing email attachments with cloud storage links have a fundamental impact on data exfiltration. Content shared in email as a cloud storage link never leaves the organization until it is downloaded by an authorized recipient. What leaves the organization is a link to content saved on company managed storage. This link is fully controlled by the organization, even after the email is delivered. The organization can limit, revoke, and monitor access. In stark contrast, standard attachments, once delivered to their destination, are lost.

Technologies, like mxHero’s Mail2Cloud, provide server-side solutions that automatically convert attachments into cloud storage links without requiring end-user action.

Let’s examine a scenario and see how an organization is protected from insider data leakage using Box’s cloud content platform with mxHero. Knowing he is leaving the organization in two weeks, an employee suddenly sends a significant amount of files to a private email account. Because of mxHero, those files are automatically uploaded to Box before delivery. In other words, despite being emailed, those files have never left the control of the company. For the employee to possess those files, he would then need to download each from the receiving account.

Furthermore, with a solution like mxHero with Box, the content sent is restricted by automated content classification (Box Shield). The recipient won’t be able to access the links without authenticating himself. Finally, Box offers the ability to detect unusual upload/download activity in real-time, meaning IT security will receive an alert as soon as the data’s atypical transfer occurs through the user’s email.

When updating email-based file exchange with modern file-sharing technology, like cloud storage, the benefits are profound.

Eliminating email attachments in favor of cloud storage links is game-changing. It fundamentally changes how data is exchanged over email. Email attachment technology is 50 years old and woefully unprepared for the demands of today. Myriad complex technologies have been invented in an attempt to patch its vulnerabilities. Given the worsening cybersecurity crises, it is clear that those attempts continue to fail. [3] When updating email-based file exchange with modern file-sharing technology, like cloud storage, the benefits are profound. Organizations can fully leverage their storage investment by keeping all their content in a single, secure system. Protections put into place for their data can now be extended to their email as well.

By bypasses the intrinsic shortcomings of email’s archaic file-sharing methodology, organizations can reap the dual benefits of increased security and simplified operation.


  1. Our Dangerous Reliance On Email Attachments And What To Do About It
  2. 5 Reasons Why Email Attachments Are Finally Coming To An End
  3. Successful Ransomware Infections Surge to Record in 2020 as Victims Grow More Willing to Pay, Research Shows
  4. 2020 Insider Threat Report

Alex Panagides is a well-known email technology pioneer and the founder and chief executive officer of mxHero, a Silicon Valley start-up providing cutting-edge solutions to support and enhance email for all, Alex launched mxHero in 2012 alongside a highly skilled team to improve email issues that companies face on a day-to-day basis, such as the increased volume and size of emails, virus and security threats, and global accessibility. The mxHero team is continually innovating to address email and data storage challenges for businesses and individuals. Alex had previously co-founded one of today’s leading email technology companies in Brazil, Inova International Inc. that grew to serve government agencies, telecom providers and multi-nationals among other organizations in the region. In addition to his work as an IT specialist with a mind for solving real-world problems related to email pain points, Alex has also served as a consultant to the World Bank in Washington D.C. and Brazil. In all, Alex brings more than 25 years of technical, operational, and managerial leadership and vision to mxHero establishing partnerships with today’s leading companies including Google, Box, Dropbox, Microsoft, and Citrix.

Originally published at on July 30, 2020.