TODO

To classify incoming and outgoing emails.

Advanced attack defence focusing on the application content

Allow releasable data to pass from a “high” system to a “low” system. For example “SECRET” content is always blocked from being released to “lowsystem.com” whilst “PUBLIC” content is allowed.

Allow safe data to pass from a “low” system to a “high” system

ATTACHMENT INVENTORY Append details of attached files (including their classification) to the end of an email - provides an attachment history and maintains awareness of original content, even when printed

Application of a Microsoft Rights Management Service (RMS) policy or invoke S/MIME encryption and digital signing

Apply security policy decisions before sensitive data either leaves or enters the organisation.

AUDITING & REPORTING Records classification events to support audit and management reporting requirements, providing visibility of user behaviour and allowing better targeting of security training and improved understanding of compliance position.

Automatically encrypt critical data automatically apply S/MIME protection according to the message classification.

Block messages and attachments containing viruses and dirty words

CLASSIFICATION ENFORCEMENT Option to require a user to classify each message – automating compliance with data classification and information assurance policies.

Classification of any attachments - including any nested content, whether inside another email or a zipped archive.

CONTENT CONSISTENCY Detect content that is inappropriate for a chosen label and advise the user on remediation. Checking is applied to the text of an email plus the content of over 65 attachment types – from simple text files through to complex documents and media files.

Different modules are available to enable specific features meeting requirements of standards including STANAG 4406, ACP123 and S/MIME Version 3 and RFC 6477 messaging standards

Ensure that only those with the relevant clearance levels are able to access documents.

METADATA MARKING Record classifications as metadata markings within the message headers – invoking and enabling other technologies such as Digital Rights Management, encryption and DLP.

Portion marking apply different classifications to sections of a message- providing granular control over the information

Users are warned when they try to send emails to recipients without the relevant permissions.

Visual and metadata marking which can apply security policy decisions before sensitive data either leaves or enters the organisation.

VISUAL MARKING Visual marking of messages mean that users are continually reminded of the importance of the information they’re sharing, making them more likely to value and protect it.

Where a message remains undelivered or unread after a set period of time, the message is forwarded onto a mailbox monitored 24 hours a day where action is guaranteed. Intended message recipients are sent a message explaining what has happened to the message.