DLP blocks encrypted email

When I specify [encrypt] in the subject, the DLP still quarantines. How could I configure DLP to allow encrypted outbound messages with SSNs in them?

As far as I know, DLP is done before encryption. What you would have to do is to implement DLP after encryption. This however could cause other issues, as people could encrypt the emails with SSN's, PHI, PII or corporate sensitive information and this would then in effect bypass the DLP filters which defeats the purpose.

What you could do is configure the solution (and what I will be doing) to bounce the email back to the sender (or DLP manager) if it contains the SSN or other reg exp you have specified and tell them that the email is in breach of the rule you have set and offer them the option to send the email "as is", send it encrypted or delete it. This also has the positive effect of "teaching " users about sending sensitive data via email.

I am sure that Martijn has a much more detailed explanation.

ยทยทยท

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Dino Edwards
Sent: Tuesday 25 October 2016 18:21
To: users(a)lists.djigzo.com
Subject: DLP blocks encrypted email

When I specify [encrypt] in the subject, the DLP still quarantines. How could I configure DLP to allow encrypted outbound messages with SSNs in them?

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users