Data Leak Prevention

The built-in data leak prevention module can be configured to filter credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information from emails.

Content based encryption

Data Leak Prevention (DLP) is a feature that prevents certain information to leave the organization via email. What information this is, is defined in the configuration of the DLP system. Typically, it includes credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information in one email message, etc. The DLP engine has been integrated with the Email Encryption Gateway.

DLP can monitor email at various levels

  • email body content
  • email headers
  • email attachments of various types
  • nested attachments of various types

CipherMail DLP currently filters email bodies, attachments and nested attachments of type text, html, xml and other text-based formats. Filtering attachments of type pdf, doc, xls etc. will be part of a future offering of CipherMail DLP.

Configuring DLP is done via the CipherMail Web GUI. You can specify keywords and sentences that outgoing email messages should not contain. More elaborate filtering is achieved via regular expressions, a specification format that allows you to specify virtually any combination of characters, words or sentences that should be filtered.

DLP can be configured on three levels, similar to how encryption is configured: at gateway level, at domain level and at individual user level. The latter is useful in specific cases where some users can send out information via email that other users cannot.

Some predefined sample patterns can be downloaded from the Example DLP patterns page.

Features

  • Outgoing email can be scanned on keywords and regular expressions.
  • Keywords and regular expressions can be specified at gateway, domain and user level.
  • Messages can be blocked or quarantined when a rule is violated.
  • Email encryption can be forced when a rule matches.
  • DLP managers will be notified when a rule is violated.
  • DLP managers can release quarantined email.
  • If allowed, users can manage their own quarantined email.
  • Email bodies, attachments and nested attachments of type text, html, xml and other text-based formats are supported (support for pdf, doc, xls, zip etc. will be added to future versions of CipherMail DLP).