mobile version

Data Leak Prevention (DLP)

Data Leak Prevention (DLP) is a feature that prevents certain information to leave the organization via email. What information this is, is defined in the configuration of the DLP system. Typically, it includes credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information in one email message, etc. The DLP engine has been integrated with the CipherMail Email Encryption Gateway.

DLP can monitor email at various levels:

CipherMail DLP currently filters email bodies, attachments and nested attachments of type text, html, xml and other text-based formats. Filtering attachments of type pdf, doc, xls etc. will be part of a future offering of CipherMail DLP.

Configuring DLP is done via the CipherMail Web GUI. You can specify keywords and sentences that outgoing email messages should not contain. More elaborate filtering is achieved via regular expressions, a specification format that allows you to specify virtually any combination of characters, words or sentences that should be filtered.

DLP can be configured on three levels, similar to how encryption is configured: at gateway level, at domain level and at individual user level. The latter is useful in specific cases where some users can send out information via email that other users cannot.

Some predefined sample patterns can be downloaded from the patterns page.

DLP features