We're looking for a product to monitor or prevent data leakage in outbound email.

We need to set up rules to do content filtering of outbound email, for example, to prevent a clerk from sending a credit card number in an email. Outbound email would be scanned for anything that looked like a credit card number: 16 digits, etc. (Credit card number is just an example similar to the kind of data for which we want to scan.)
Each clerk has his or her own email address, so outbound email from each clerk's PC needs to be filtered individually, either on their machine, through our server or an appliance, or via a remote service.
The issue is NOT to stop someone who has malevolent intent. It's simply to prevent a clerk from sending a credit card number by mistake, since the clerk has access to credit card numbers and could put one in an email simply because he wasn't paying attention. We're not looking for foolproof or tamper proof, and they will know the system is in place. We trust them, so this is not intended to catch people intentionally violating our data management policy. It's supposed to help them comply with the data management policy.
We do need a management report that records this information. Optionally, blocking the outbound email pending management approval, or even kicking it back to the clerk for correction would be fine. The system could allow the email to be sent and simply report the error so that management could counsel the clerk who made the error.
The purpose of the report is to have a record of compliance violations and due diligence in resolving them.
Additionally, archiving incoming and outgoing email would be a valuable option, but is not a requirement. This would give us the ability to review email that had been sent if we thought there was a problem that needed management review.
We use Outlook with a remotely hosted SMTP server (sendmail). Many products are available to do this if we used Microsoft Exchange. We do not use Exchange and do not want to implement it.
This could be a service similar to Postini. Postini has the ability to filter outbound email using REGEX (regular expressions) and will work with our mail server, but we do not like the fact that the filtering is done on Google-owned servers because Google has a rather tempting motivation to capture business information from the email that flows through their servers that a provider who doesn't sell business data would not have. (I'm not accusing Google of anything, but we prefer to deal with a company that doesn't have a conflicting interest in our email communication.)
Also, we find it hard to imagine that Postini is the only product available which doesn't require Microsoft Exchange.
It could also be an add-in for Outlook, or it could be something that sits on the clerk's computer in the same position that an outgoing spam / virus filter would sit. In fact a spam / virus filter which allowed for programming of additional scanning rules would likely do the trick.
An Outlook add-in or spam / filtering system residing on each clerk's machine with a remote administration component similar to that provided by many PC security suites would be a good solution.
I suppose it could even be an appliance that sat on our network and had email routed through it.
We want to avoid complexity or something that requires significant technical skill to manage it.
We would use this for a minimum of 12 clerks and could use it for our entire staff of 40 people, if the price is reasonable.
If it sounds like we're rather flexible, we are. We'll likely get more picky as we see what's available to meet the basic filtering requirement, what options are available, and the cost.
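
The content check described in the post (flag outbound mail containing something that looks like a credit card number, and keep a record for the management report), as an added example that is not part of the original post or of any product it names. The 13 to 19 digit pattern, the Luhn checksum step, the report fields and the `hold_for_review` action are assumptions; the sample message is constructed.

```python
import re
from email import message_from_string
from email.policy import default

# Candidate: 13-19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects order numbers and other digit runs that are not cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_message(raw: str) -> dict:
    """Scan the subject and text parts of one outbound message; return a report record."""
    msg = message_from_string(raw, policy=default)
    texts = [str(msg.get("Subject", ""))]
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            texts.append(part.get_content())
    findings = []
    for text in texts:
        for m in CARD_RE.finditer(text):
            digits = re.sub(r"[ -]", "", m.group())
            if luhn_ok(digits):
                # Mask before logging so the report itself does not store the number.
                findings.append("*" * (len(digits) - 4) + digits[-4:])
    return {
        "from": str(msg.get("From", "")),
        "to": str(msg.get("To", "")),
        "message_id": str(msg.get("Message-ID", "")),
        "findings": findings,
        "action": "hold_for_review" if findings else "deliver",  # assumed policy
    }

# Constructed sample: a Luhn-invalid order number and a well-known test card number.
SAMPLE = """\
From: clerk@example.com
To: customer@example.net
Subject: Your order
Message-ID: <constructed-1@example.com>

Order 1234 5678 9012 3456 was charged to card 4111-1111-1111-1111.
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```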