How Egress Powers “Barrier-Free” Document Features in its Human Layer Security Platform

In today's world, organizations seek to empower their employees to share sensitive information between stakeholders online, such as medical records and financial statements. And helping organizations accelerate these sensitive data flows safely is Egress, a human layer security service provider, founded in 2009 and headquartered in London, UK.

Over eight million employees at the top global investment banks, healthcare providers, and government organizations use Egress to ensure their emails are sent to the correct recipients with the right level of protection applied, and to easily and securely share and collaborate on their documents, including the large files. Egress innovates by bringing together formerly disparate security applications into a single, "barrier-free" platform. With features then accessible in seconds, users can communicate more efficiently and navigate red tape, with Egress’s “human layer” protections using cutting-edge AI to ensure emails go only to the right persons.

Egress Chief Product Officer Sudeep Venkatesh stated, "We run our solution at the source as a 100% SaaS product. So our customers don't need to deploy anything, although we do offer desktop integration and mobile apps for iOS and Android as part of our email security solution. When using Egress Secure Workspace, however, all users have to do is enter a URL into their browsers to start using the product."

Egress first partnered with Apryse in 2017 to power PDF document viewing and redaction directly in Secure Workspace, Egress’s encrypted web-based file sharing and collaboration platform, simplifying the addition of the new features while streamlining mission-critical user workflows. And as time went on, Egress could rely on its partnership with Apryse to enrich its platform with additional capabilities⁠—such as real-time collaboration on PDFs with user annotations⁠—⁠further differentiating Egress's offering from competitors’ without such features.

"Our much lower support and maintenance costs due to using Apryse as opposed to the alternatives are massive for us as a business. Even more important is the competitive advantage of getting products to market sooner," stated Venkatesh. "Apryse provided us a proven quickness of integration and richness of capabilities, which ensured the solution would scale efficiently for our customers."

In the era where user communications increasingly fall outside the traditional enterprise network security perimeter, human-activated data breaches form the bulk (~88%) of data breach sources. Such incidents involve users falling prey to email spear-phishing attacks or accidentally misdirecting emails with confidential information. But whether accidental or intentional, data breaches are expensive, costing organizations possibly millions, even billions of dollars, including punitive fines for repeat infractions under stringent new data protection laws.

Egress thus helps organizations achieve 100% secure, compliant email communications, online collaboration, and document exchanges with the latest technologies and security frameworks, having obtained an alphabet soup of globally recognized security certifications. Its platform includes intelligent email DLP, email encryption, secure online collaboration and file sharing, and comprehensive email security analytics. Egress also adds further protection to organizations' human layer beyond traditional static technologies⁠—including contextual machine learning to understand each user's behavior and relationships. Based on this information, Egress then provides users a safety net, with features such as accurate email address auto-complete and appropriate, intelligent security reminders to drive secure and compliant behavior.

But for users to work successfully in Egress, the platform must also make their work easier, not harder, unlike their legacy software. Tasks completed on Egress are often fast-paced as well as high stakes. For example, users rely on Egress to respond to Freedom of Information (FoI) requests with legally mandated turnaround times or to share personal health information with hospitals so they can treat specific patients.

Many of these mission-critical operations depend on PDF, the document format typically used by customers to exchange medical records, bank statements, and various government correspondence with external third parties.

To improve these critical customer PDF-based communications, Venkatesh and his team looked to add professional PDF viewing and redaction to the Egress Secure Workspace and Investigate modules in 2017. That way, users would not have to rely on less secure, consumer-level tools and improvised workflows fragmented across multiple applications to edit their documents. Instead, they could quickly and securely process data in email attachments and shared documents right in Egress.

Egress looked to the document SDK market and at open-source PDF libraries to identify a PDF viewing and redaction solution that would support the company’s demanding requirements for security, compliance, and user experience when embedding the new PDF capabilities.

Additionally, the PDF SDK or library would have to satisfy Egress's business requirements for fast integration and cost-effectiveness at scale. "For us, it was imperative that we can get our products to market faster than our competitors, and then, obviously, the icing on the cake was finding a solution that could provide us cost savings as well," says Venkatesh.

Egress needed a "set it and forget it" solution without rendering bugs or other reliability issues that would distract its highly specialized engineers or force them to work on third-party code in their software.

"If you look at the costs of hiring and maintaining new skill sets for document features, updating to new versions of a custom solution, and supporting those as well⁠—these costs, including opportunity costs, could be quite high. The thing is, we are not document editing developers. We're cryptographers," stated Venkatesh.

Next, the solution would need to support smooth, reliable interaction on documents⁠—without extra image server costs, excess internet bandwidth consumption, or other issues that would limit Egress's ability to scale the latest features across a large user base and grow its platform with additional features.

Egress found they could have their cake and eat it too with Apryse's powerful client-side document viewer and processor WebViewer. The JavaScript SDK would integrate seamlessly in Egress's secure platform and support smooth interaction on files. Data processing actions such as redaction could then run directly in the browser application client. This architecture proved to have substantial benefits from a user experience, scalability, compliance, and developer cost standpoint.

Venkatesh explained: "Other products support redaction. But they require going to another website and re-uploading the PDF or leaving the browser to open a different app on the desktop. The advantage of using Apryse is the user doesn't have to leave our application, making the customer workflow and integration of the SDK much simpler."

WebViewer rendered files client-side. But unlike other web-based PDF libraries that may struggle with complex files, WebViewer proved performant and reliable when stress-tested across a large, representative user base with many types and sizes of documents. "We did a PoC and ran multiple test cases in terms of scalability, and our developers thoroughly ‘kicked the tires’ so to speak, before Apryse was selected," Venkatesh says.

With its comprehensive, cross-platform offering, Apryse also supported Egress's other products, and Apryse was integrated with Secure Workspace in 2020 to replace a previous solution.

These added capabilities proved easy to embed. It took Egress's developers just two days to complete their document collaboration PoC and two months to deliver a finished product to market. Venkatesh estimates that with Apryse, Egress saved up to 6 additional months that it otherwise would have taken his team on their own or using open-source PDF libraries.

Apryse is now deeply integrated within the Egress platform and relied upon by hundreds of thousands of concurrent users daily. And Venkatesh expects this partnership with Apryse to deepen further. Already, he and his team have spotted new synergies within Apryse's always-growing SDK offering. They are actively exploring the integration of WebViewer’s annotations on videos so users can collaborate on their CCTV footage and the integration of Apryse's digital signing and verification features to support contract sharing over Egress.

“Partnership will make these other workflows also much simpler and more efficient for our customers,” says Venkatesh. “I feel extremely confident that we’ll continue to have this relationship with Apryse for many years, especially as Apryse keeps innovating and improving its products.”

Our vision is for a connected world in which people communicate efficiently and securely. To achieve this, we wrap a protective layer around individual users to stop human-activated data breaches before they happen. Our patented technologies are built using leading-edge contextual machine learning and powerful encryption that mitigate modern risks in ways that other solutions simply can’t achieve.

Today, we provide intelligent email security to prevent accidental and intentional breaches, protect sensitive data, and equip CISOs and their teams with the detailed reporting required for compliance purposes. Learn more at www.Egress.com.

If you have any questions about how Apryse SDK can help enable business success, growth, and innovation for your organization, please feel free to get in touch!