DXfoto.com - Fotolia
Data loss prevention features in Exchange Server 2013 warn end users about possible policy violations before messages are sent. In part four of our Exchange Server 2013 DLP checklist series, we explain how policy tips can help admins and end users.
No matter how detailed and formal an organization's written email use policies are, employees or other end users will eventually violate the company's acceptable use guidelines. Data loss prevention (DLP) exists to prevent occasions of end-user malfeasance -- because these instances do occur -- but many email policy violations are innocent or unintentional. Established policies might invoke email actions (such as alerting a manager) and trigger an investigation, taking time and resources that simply reveal an accidental oversight on the end user's part.
DLP in Exchange Server 2013 helps mitigate unintentional violations by creating policies that allow sending policy tip notifications to the end user's Outlook client. If any part of the message appears to potentially violate a policy, a corresponding policy tip will remind the user about current policies and acceptable use guidelines. This can include violations in recipients, subjects, message bodies or attachments.
If, for example, a doctor creates an email containing a patient's medical record number and addresses the message to a recipient outside of the business, HIPAA or other healthcare policies will deem this as a possible violation. Before the message is actually sent, triggering a real violation and response, a policy tip can appear reminding the sender about the organization's policies regarding sensitive information. When the doctor sees this reminder, he or she can re-check the recipient or remove the sensitive info before sending the email.
Policy tips help to reinforce acceptable use guidelines while preventing "accidental" violations before they occur. To enable policy tips for email senders, transport rules must include a "Notify the sender with a policy tip" action. Because policy tips are specific actions, it's possible to use tips in selected situations while forgoing tips in other situations depending on the DLP needs of the business. It's also possible to create your own policy tips.
This is part four in a series about data loss prevention features in Exchange Server 2013.
Stay tuned for part five, which covers the importance of incident reporting.