Internal Privacy Protection & Corporate Compliance

As essential as compliance with HIPAA, SOX, GLBA and other regulatory requirements is, its equally important to protect sensitive or confidential corporate information that is not necessarily subject to any of these legal requirements. The increasing frequency with which sensitive, confidential or proprietary information has been improperly exposed has led to the coining of the term "information leakage." If "knowledge is power" then information leakage is kryptonite.

If a national bank could mistakenly send thousands of clients’ banking and account information by fax to a scrap dealer in the southern states over a 2 year period, imagine how easy it is to deliberately or mistakenly expose valuable corporate information via email in your company!

SecurExchange helps you protect valuable and sensitive corporate information such as:

Sales often discloses customer information to potential prospects to provide references and support for the sales cycle. But, could your current systems prevent a disgruntled employee from sending a customer and/or prospect list to a competitor – perhaps a new employer? Or even catch an honest mistake like inadvertently including a wrong address in the recipient list. SecurExchange can.

Provide SecurExchange with a list of known competitors, a Customer Concept (an easily maintained list of customers) and a policy (Smart Action Trigger - SAT) that blocks delivery of any message containing customer names from being sent to any email address using a competitor’s domain and/or specified individual email addresses. SecurExchange will monitor all outgoing email and prevent deliver to any of the prohibited recipient addresses if the message or attachment contains customer information. In fact, another SAT could automatically forward the blocked message to a designated manager or compliance officer for immediate investigation.

To protect company financial information a corporate policy can be defined that restricts distribution of financial information and reports to the finance department, executive management team, board members and the bank’s representative. That policy might also define that when financial information is sent to authorized external recipients, such as the board members or bank, that those messages be encrypted and digitally signed to guarantee the privacy of the email during transit and to authenticate the recipient. SecurExchange will monitor all incoming, outgoing and internal email to guarantee that messages containing financial information are delivered only to the authorized recipients. SecurExchange will also automatically encrypt and digitally sign the outbound messages (after verifying the address is an authorized recipient) using the SMIME standards.

This prevents a situation where sensitive departmental budget information, for example, was mistakenly sent to an employee in the development group, or to an unauthorized external email address. This allows an organization to develop strict internal "need-to-know" policies and enforce them.

A number of the SecurExchange Family of products can address Internal and Corporate Compliance issues:

To find out more about protecting your Exchange Server environment and dealing with your business email challenges, visit Nemx SecurExchange or contact us today!

More Solutions: Privacy and Compliance | Acceptable Use | Information Leakage | Threat Prevention

More About SecurExchange: General | Fact Sheet | FAQS | Download