The specified criteria are not mutually exclusive, i.e. organizations can set up policy rules based on several criteria at the same time. Simply stated, policy driven rules can be set “If ALL of the conditions are met” or “If ANY of the conditions are met”.
RightsWATCH’s policy driven engine can be set to trigger the following types of rules:
Default classifications of e-mails and files
Suggested classification of e-mails and files
Enforced classification of e-mails and files
Presenting disclaimers that need to be signed, for the user to acknowledge the policy being applied
Warnings that are presented to users
Blocking users from performing actions (ex: sending an email, saving a file)
1. Content – Keywords, phrases, regular expressions (PII, PHI, PCI,…), data formats, partial document matching, …
2. Context – Location (ex: file path), e-mail headers (ex: sender, recipients, e-mail domain addresses, …)
Metadata – Current classification and file properties (ex: size, type, date, status, category, author, manager, hostname, owner, user, …)
Start with Increased Security and go clockwise.
Give exemples of features related to each point, for example:
Increased Security:
- Protection extended to mobile (addressing the BYOD paradigm and supporting MDM software)
Improved Compliance:
- Also covers legacy files (with the Global Protector capability)
Increased Productivity:
- Flexible re-classification (using ITA, for example)
Decreased Costs:
- Cost of auditing (refer to the Monit console capability)