A Delicate Balance: DLP and Privacy
prevent the unauthorized distribution of confidential/private information.
Because email was not originally developed with security as a top
priority, the transfer of sensitive information is immediately exposed to
a range of threats. The limitations of the SMTP protocol, industrial
espionage, disgruntled employees and the growing frequency of identity
theft represent only a fraction of the threats to an organization's
emails. While these threats are real and must be addressed, it is crucial
that a DLP system and policy be consistent with a company's overall
strategy so that employee expectations about privacy can be reasonably
Sensitive information is typically characterized by keywords, textual or
numerical patterns (i.e. credit card number, social security number etc.)
and other content-related phrases. PineApp's policy-driven DLP module, for
instance, scans all outgoing emails for the presence of content that has
been defined by an organization's own policy. An email that is flagged,
due to these predefined criteria, is immediately intercepted and system
administrators are instantly notified.
While it may be obvious to company management that all emails ought to be
reviewed and scanned for security purposes, a company must make it clear
to their employees that someone is NOT reading every email in their
system. This "Big Brother" perception must be acknowledged and addressed
from the very beginning stages of a DLP policy development.
When applying DLP to an organization's email server, IT managers need to
maintain a delicate balance between their company's security interests and
the end-user's privacy. This balance is only possible through a coherent
policy that is aligned with the management of sensitive data in all facets
of the organization.
visit: www.pineapp.com for detail.
contact us for POC / test on your site.
Business Development Director
PT. DAYA CIPTA MANDIRI SOLUSI
IBEC Building 2nd Fl
Jl. KH Wahid Hasyim No.84-86
Jakarta Pusat, 10340, Indonesia