Outlook Tiny DLP is a modular and easy expandable solution that secures organizations using MS Outlook against to the leakage of critical information via e-mail. The possibility of e-mail protection providing by this solution is particularly important especially in the run-up (25 May 2018) the full application of the new rules on the processing and protection of personal data – GDPR. A seemingly trivial incident will then have potentially very costly consequences. The basic features of Outlook Tiny DLP are listed below:
- It is the only product of this type currently available on the market, which allows you to meet when sending via e-mail invitations to meetings etc. the requirements defined in the GDPR as “privacy by default”. Using any other solutions, sending invitations without disclosing all invited people (and therefore those outside our and related organizations!) to the invited ones is not possible.
- The solution provides the ability to easily define and expand the set of different categories of information subject to restrictions – national identification numbers, VAT identification numbers, bank account numbers, identity card data, telephone numbers, attachments with confidentiality clauses etc.
- It also allows you to check the content of encrypted messages, including messages containing attachments encrypted using popular programs like WinZip, 7 Zip, WinRAR, etc.
- Handling of potential incidents may be decentralized by assigning decisions on matters of lesser importance to direct superiors – this allows reducing the burden on the entity responsible for information security management and ensuring its proper effectiveness without increasing employment.
- Thresholds for different categories of actions (user warning, blocking of dispatch with forwarding a request for a decision to the supervisor or the relevant unit, etc.) can be modified as part of the management of information security policy exceptions.
- The user has the option to opt out of the disputed message – a significant percentage of incidents is caused by inattention, simple mistake or insufficient knowledge of internal regulations in the field of information security.
The following illustration shows sample information received by the person handling of a potential security incident. As already mentioned, decentralization of the service of trivial incidents or unclear situations can and should allow to significantly relieve the organizational unit responsible for information security, without compromising the level of security.