Securing sensitive data in mailboxes at Databricks

Databricks lives and breathes data. Since its inception in 2013, its cloud data platform has empowered data scientists, engineers, and analysts to operate and innovate faster. 

Being a data technology trailblazer, Databricks is laser-focused on securing data wherever it lives. The company has built security measures into every layer of its innovative Data Lakehouse Platform, and they’ve applied that same diligence to protect their corporate infrastructure.

But when it comes to protecting against a data breach, many companies struggle to find a good solution to a common challenge—securing sensitive data sitting in employees’ inboxes. As evidenced by cyber-attacks such as the News Corp breach, people have all kinds of sensitive messages and files in their mailboxes. From contracts and banking information to wire transfer records, email is a prime target for bad actors.

That’s why David Cook, Databricks’ Chief Information Security Officer, sought out Material’s unique security solution upon a friend’s recommendation. Cook explained, "In security you need a balance between good technology and dedicated customer service. Security is all about partnership, and Material is a true partner.”

Cook shared his three main priorities: high quality, innovative technology, and strong customer service.

Gaining visibility into email risk

Cook didn’t want just another tool to block malicious emails at the perimeter. He knew it was an incomplete solution because even if you could stop every malicious email, mailboxes are still vulnerable to other entry points. So when he heard Material’s Leak Prevention solution could add a layer of protection to the sensitive data and messages sitting in the mailbox, he was intrigued.

But Cook first had to understand what kind of data (and how much) was in employee mailboxes: “We needed better visibility into sensitive content in the inbox: I had a guess at what was coming through. The data provided by Material proved my concerns were valid.”

With Material’s Risk Analytics feature, Databricks quickly gained this insight. The team saw:

• What sensitive content exists in mailboxes? And who has the most?
• Which accounts forward work email unsafely?
• Which accounts were recently involved in a data breach?
• And much more

Adding a layer of defense to thwart inbox data theft

Armed with this new visibility into email risk, the security team needed a solution to take action on the risks. David explained, “Blockers aren’t 100%. Phishing attacks are constantly evolving. Things are always gonna get through. We needed something that could help when things do get through.” Indeed, Cook knew that existing email security tools don’t address this problem.

Cook wasn’t impressed by other email data loss prevention (DLP) solutions. Most focused on protecting messages ‘in transit’ versus those ‘sitting at rest.’ None of the other tools evaluated could give him the peace of mind from truly protecting against a breach.

Databricks decided to implement Material’s Leak Prevention solution to protect critical messages from attackers without affecting employee productivity. The solution finds and redacts any sensitive content discovered in mailboxes, and if users need to access redacted messages, they retrieve them on-demand with a simple verification step. In Databricks’ case, users approve an Okta Verify request—an existing and familiar workflow for its employees.

Maintaining privacy and control of the data infrastructure

In addition to Material's zero trust approach to securing email, Cook was also won over by Material’s deployment model. Every Material deployment is a single-tenant instance hosted on a public cloud platform, allowing customers to manage their own instance for total privacy and control. This was key for Databricks.

Not having complete control over their data would have required Databricks to spend time digging into vendor controls and compliance criteria. This lengthy process would have involved long review cycles from other teams such as their legal department. But with Material, Cook and his team have complete control over their email data infrastructure: “Having our own instance and isolating the data was huge for us. We could control behavior and access to our account. We know exactly what’s going on and have a higher level of confidence because we control our own data.”

A fast and painless rollout

Email infrastructure availability is crucial for any company. Any downtime, or even hiccups in the user experience, can severely hinder employee productivity and jeopardize business outcomes. That’s why the impact on their users was top of mind for Cook and the team when deploying a new email security solution. Fortunately, the Material rollout was seamless: "Our Material deployment was almost invisible," David recalled. "We were so paranoid about downtime for our users and confusion. But it went seamlessly with zero complaints from both technical and non-technical teams."

Databricks took a phased deployment approach, first rolling Material out to more technical users, including the security and engineering teams. With zero complaints, they moved to deploying Material to their Go-to-Market Teams and still had zero complaints.

And since initial deployment, Cook has been relieved to find that Material’s help and support have continued to carry through. The close partnership affords Cook and his team opportunities to offer feedback, collaborate, and influence the product roadmap: “Material is always pushing to get us the latest info, alerts on things we should be considering, and more. They are extremely thoughtful about their product and customers which differentiates them from other security vendors.”

Ultimately, Cook is thrilled that he and his team have deployed an email security solution that provides better protection to employee inboxes without impacting productivity. Material’s innovative approach to securing data in email initially won over Cook. But with a fast and flexible deployment, zero disruption to users, and truly meaningful security improvements, Material has provided all elements of a trusted security vendor and partner.