Overview - Data Loss Prevention for Email

IT Service Desk 252-328-9866 | Pirate Techs Technology Support Centers | Submit a Ticket

Skip to a section: What is DLP | How does DLP work? | Resources

Available to

Faculty, Staff

What is Data Loss Prevention (DLP)

To help protect ECU information and avoid the accidental breach of sensitive data, Microsoft's DLP component scans unencrypted, outgoing email for certain "markers." For example, DLP may flag digits formatted like a social security number (xxx-xx-xxxx) or a long string of numbers near a date that could indicate a credit card number. Since DLP cannot read the message but only filters for certain formatting, you make the final decision for encryption. No one is reading your email.

If a scanned message meets certain criteria, the following happens:

  1. High Sensitivity. Messages are encrypted and delivered. Senders are reminded of the encryption policy through an email.
  2. Low Sensitivity. Sensitive messages are delivered unencrypted. Again, senders are reminded of the encryption policy through an email.
If you send sensitive information through email, make sure to:
  1. Encrypt emails containing sensitive data addressed to non-ECU users by typing [sendsecure] in the subject line or setting the Confidential tag. See the email encryption page for exact instructions (screen shots included).
  2. Apply Optical Character Recognition (OCR) to sensitive pdf files to make the text searchable. Images cannot be read by the DLP filter.

How does DLP work?

Messages that you encrypt are not scanned but delivered straight to the recipient. Unencrypted messages with an outside email address are scanned by DLP to detect possible PCI information. If possible PCI information is detected within an email, the DLP system:

  1. Encrypts the message and forwards to the recipient.
  2. Shows an Outlook tool tip explaining the PCI policy. To learn more, see this Financial Services website on Payment Card Industry policies at ECU.
  3. Sends an incident report to the PCI data steward for possible follow up.
  4. Generates a notification for the sender with additional policy information.
    Tool tip reminder for user

    Policy information for sender

Resources

For more information on sensitive data at ECU, see these websites:

 

Print Article

Related Articles (1)

Email Resources List
See these IT Knowledge Base articles on managing your ECU email account.