Most high-cost security incidents occur when data from inside an organisation somehow leaks out. What’s more, with confidential customer data, intellectual property and sensitive financial data only a keystroke away from distribution via email, virtually every organisation is at risk. Whether security policies are violated either inadvertently or maliciously, information leakage can cause serious damage – from costly lawsuits and regulatory fines to loss of customer trust and ultimately, lost business.
Leaks involving personal or financial data about customers or employees, confidential business information and intellectual property can violate any number of laws that require companies to guarantee the security and privacy of information that is electronically stored, maintained or transmitted. Examples include:
- U.S. state-specific encryption laws such as California’s SB 1386 and Massachusetts’ 201 CMR 17.00 (businesses may be subject to these laws even if they are not based in either state)
- Gramm-Leach-Bliley Act (GLBA)
- Health Insurance Portability and Accountability Act (HIPAA)
- U.S. Patriot Act
- Sarbanes Oxley Act (SOX)
- European Union Data Protection Directive (Directive 95/46/EC)
- Personal Data Protection Law – Japan
- Law on the Promotion of Utilisation of Information and Communication Networks and the Protection of Data – South Korea
- Privacy Amendment (Private Sector) Act – Australia
With MailGate outbound data loss prevention (DLP), organisations can:
- Define and manage email security policies to ensure compliance with both company policies and industry and government regulations. Intuitive policy controls make it easy to enforce rules around content, users, recipients and attachments, while providing the widest range of policy actions, from blocking to re-routing to encryption.
- Filter the content of all outbound messages and attachments to identify and prevent sensitive, questionable or confidential information from leaving your email network. MailGate’s simple check box user interface filters content to identify confidential information such as credit card, Social Security and CUSIP numbers, and PINs, reducing the complexities associated with protecting your organisation’s sensitive, proprietary and regulated data.