Having real-time data-driven insights to share with stakeholders has been invaluable. Metomic ensures that we’re compliant, secure, and proactive, providing the operational resilience necessary to grow in a competitive digital commerce market.
Human Firewall
Did you know 95% of data breaches involve a human element? Using Metomic, security teams can enable employees to protect sensitive data themselves with real-time and dynamic notifications in SaaS apps.
Keep collaborating in SaaS apps, while protecting your sensitive data
Give employees the real-time tools they need to minimise their own data risks. Building your human firewall doesn't have to mean compromising productivity.
Notifications
Automate Slack notifications to employees when they breach your data policies.
Reminders
Send automatic reminders to employees if data they shared in the past has left unnecessary risk.
Real-time
Move beyond monthly, quarterly, or yearly security training. Deliver it continuously, when it's needed.
Our Customers Love us
We're trusted by security teams worldwide
_BestEstimatedROI_Mid-Market_Roi.png)
_HighPerformer_HighPerformer.png)
We can confidently respond, ‘Yes, we have a DLP solution in place,’ and support that claim with verifiable results. That has been crucial for establishing trust with our customers.
We are a Slack and Google shop, and Metomic had out-of-the-box integrations that made implementation a breeze.
Easy integration. It is as simple as a few clicks (and the Metomic onboarding process is excellent, too, as the team guides us through the process).
We use Metomic to uncover sensitive company data and prevent it from being shared or residing in places it shouldn't. It's a really great supplement where technical controls that could be our frontline of defense don't exist.
Metomic provides an excellent, easy-to-navigate interface with the necessary features to help keep our workspace secure.
.png)
Immediately, especially for the Google Workspace document sharing, Metomic has paid for itself seven fold.
Testimonials
What our customers are saying about Metomic
Use keyboard
to navigate through testimonials
Financial Services
Metomic provides an excellent, easy-to-navigate interface with the necessary features to help keep our workspace secure.
Stephen Droner
IT Help Desk Analyst
Financial Services
We use Metomic to uncover sensitive company data and prevent it from being shared or residing in places it shouldn't. It's a really great supplement where technical controls that could be our frontline of defense don't exist.
Colin O'Shea
IT Manager
Financial Services
Easy integration. It is as simple as a few clicks (and the Metomic onboarding process is excellent, too, as the team guides us through the process).
Philippe Cartier
Cloud Infrastructure Engineering Manager
Financial Services
We can confidently respond, ‘Yes, we have a DLP solution in place,’ and support that claim with verifiable results. That has been crucial for establishing trust with our customers.
Oyster
Director of Trust and Technology
Financial Services
Having real-time data-driven insights to share with stakeholders has been invaluable. Metomic ensures that we’re compliant, secure, and proactive, providing the operational resilience necessary to grow in a competitive digital commerce market.
Juni
Metomic addresses risks efficiently—blocking unsafe data sharing or sending alerts to users. This allows our team to remain productive while keeping our data secure. The visibility and control Metomic provides has been game-changing in helping us implement a solid, proactive approach to data security.
Jeff May
Director of Trust and Technology, Oyster
The machine learning aspect of AI means that, when paired with security solutions such as identity verification and biometric authentication (voice or fingerprint), it improves in its detection over time, increasing accuracy but also reducing the number of false positives.
Nick France
CTO
US Tech Company
I appreciate how configurable and easy it is to setup alerting workflows. The tool is lightweight and easy to integrate into the platforms that our company uses. The customer support team has been excellent at addressing all of our company's concerns.
Caitlin M.
Director of IT Risk & Compliance
Insurance
The big thing for me was how interactive it was in Slack. That was one of our biggest problem points and there was a solution for that immediately.
Cary Vidal
Director, Security & IT
Financial Services
Immediately, especially for the Google Workspace document sharing, Metomic has paid for itself seven fold.
Hatitye Chindove
Head of Information Security and Data Compliance
HR Solution
We were able to find some legacy AWS keys from years ago...that gave us the confidence that in the event of new secrets appearing insecurely across our tech stack, we could rely on Metomic to help us swiftly detect and respond in a click of a button.
James Moos
Head of Security
Healthcare
Metomic is a SaaS enabler. They help us protect sensitive data in applications like Google Drive, so we can grow our business knowing our data is safe.
Simon Burns
Co-founder and CEO
Having real-time data-driven insights to share with stakeholders has been invaluable. Metomic ensures that we’re compliant, secure, and proactive, providing the operational resilience necessary to grow in a competitive digital commerce market.
IT Team
IT Team
Financial Services
We are a Slack and Google shop, and Metomic had out-of-the-box integrations that made implementation a breeze.
Tim Collins
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
FAQ
All your important questions, answered
What is the human firewall?
The human firewall is a term that refers to your employees who act as a barrier to cyber security risks like phishing and social engineering attacks.
They follow best practices in cybersecurity to ensure the business is protected and keep the security team updated with any suspicious activity they’ve noticed.
What is an example of the Human Firewall?
An example of the Human Firewall in action is that of a financial services organisation training its customer service staff on the most appropriate way to share customer information with others within the team. For instance, this could take the form of employee notifications warning individuals when they share financial data in SaaS applications such as Slack, and encouraging them to remediate their risks. Credit card information stored indefinitely in Slack is a high risk for the business; if the environment were breached, all of this data would be accessible to unauthorised users.
Building this awareness around data security can help create a security-conscious workforce that can reduce risk to the business.
What could a human firewall defend against?
#1. Phishing
Phishing attacks have become increasingly sophisticated in recent years, with scammers pretending to be well-known companies in order to persuade individuals to share sensitive data.
According to IT Support company AAG-IT, 323,972 internet users were victims of phishing attacks around the world in 2021.
More recently, Reddit announced it had suffered a data breach due to a phishing attack that included ‘plausible-sounding prompts’ pushing them towards a website that imitated their intranet portal.
Making sure your employees can spot a phishing attack is key.
#2. Baiting
Similar to phishing, baiting lures people in with the promise of free goods, or involves leaving items like USBs lying around to appeal to people’s curiosity.
Once the victim has handed over their details or plugged the USB in to their computer, the malicious actor takes advantage and installs malware on to their device.
Keeping your employees updated on the techniques scammers might use can really help here.
#3. Scareware
Scareware is intended to look deceivingly helpful by claiming that a virus has been detected on an employees’ computer, encouraging them to download software to rectify the issue. In fact, this software itself is malicious, giving the criminal behind the attack access to data on your computer.
Ensuring your company’s computers are covered by anti-virus software, and educating your employees on the alerts they should pay attention to is a great way of combatting scareware.
#4. Pretexting
With a heavy focus on manipulation, pretexting involves someone acting as an employee’s manager or another senior colleague to pressure them into giving information out. Pretexting lays the groundwork for any of the above tactics like phishing.
If any of your employees are asked to take specific actions like letting in a delivery driver or giving an IT person access to your system.
Why do you need a human firewall for SaaS apps?
There’s a danger around employees sharing sensitive data for the sake of speed, rather than out of any malicious intention.
In our recent webinar on the human firewall, Christopher Russell, CISO at tZERO, said the thinking behind sharing sensitive data in SaaS apps could be from employees thinking, “I’ll just share this in Slack, then delete it and it’ll be fine.”
The difficulty with this is that the modern workspace moves so quickly that if that person then forgets to delete that piece of information, it could live in Slack indefinitely. What if your Slack channels were then hit with a data breach? That information could easily fall into the wrong hands.
On the other hand, you don’t want to slow your colleagues down or block them doing their jobs entirely.
“You have to be an enabler for the business to meet their deadlines and not have this process that makes sharing these things arduous,” Chris continues. “If you make it painful, not feasible, or inefficient, they will work around that. With the amount of SaaS tools out there, it’s really hard to monitor them all. You have to give them an easy, no-brainer way, so you can at least keep it in that one lane.”
Using a data security platform like Metomic in this sort of scenario can help you to get visibility over all your SaaS apps from one dashboard so you can detect sensitive data being shared, and act early when it comes to insider threats too.
How to create & strengthen your human firewall?
There are a few ways you can start to create your human firewall:
#1. Make yourself known
If people don’t know who you are and what your role is in the company, they won’t think to include you in crucial decisions and discussions. Or they may not know who to approach about any security concerns. Making yourself known to all your colleagues can alleviate this.
#2. Be available in the moment
Although it may be difficult, making yourself available when someone is worried about security issues can make all the difference. Once they know you’re able to help, people will begin to trust you and come to you when they suspect something is wrong.
#3. Strengthen it with interactive sessions that are tailored for each team
Generic security training just won’t cut it anymore. Engaging content that relates to a particular team’s job can improve the attention paid to your presentation.
Help each team to see how they’re connected to the bigger picture. For instance, if your customer service team are sharing sensitive customer data with each other in Slack regularly, you may want to alert them to the fact that if the company suffered a data breach, this information could put customers at risk.
#4. Use automation to put the power in their hands
You won’t be able to fix every problem yourself and putting the responsibility back on individual employees will help to maintain a culture of security-aware employees. Jonathan Jaffe, CISO at Lemonade, suggests trying “to automate as much of the responsibility and notification of the issue to the person who raised the issue. If you can automate a response that notifies them in nearly real-time of the issue, there’s proximity which increases learning and retention.”
#5. Don’t overwhelm your employees
If you can, try to spread security awareness training out over a few weeks rather than giving people information in one go. You could do this with a mixture of short videos and in-person tutorials to ensure all of your time isn’t spent giving training to your team.
#6. Get buy-in from your leadership team
Another key point highlighted in our webinar was the importance of getting buy-in from your leadership team when it comes to building your human firewall.
The time, cost and resources dedicated to security training can be a barrier for security experts who need to convince senior members of the team that it’s worth the investment.
The most important thing is to speak to the leadership team in a language they’ll understand. “Speak in terms of risk, and metrics they understand like ARR or MRR,” says Chris. “For example, it cost us this much, or this many work days, or this person’s entire week.”
Book a demo
Our team of security experts are on hand to walk you through the platform and show you the impact it can have on your business.
Simply fill in the form and we'll get back to you as soon as we can.