Protecting Sensitive Information

SecurExchange from Nemx, implemented in tandem with your Microsoft Exchange Server mail service, preempts compliance violations and information leakage by identifying email that breaches predefined content policies and preventing them from being delivered!

At the heart of every SecurExchange solution is our sophisticated Intelligent Content Analysis (ICA) engine. ICA allows SecurExchange to monitor and evaluate, in real-time, the content of every single email message– incoming, outgoing and internal – and most common attachments (PDF and MS Office documents).

Using a variety of advanced techniques including word stemming, key words, phrases, proximity, location zones, dictionary and thesaurus expansion, and natural language processing, as well as the message origin or destination (inbound, outbound, internal) comprehensive definitions are created that are the basis of SecurExchange’s unique "concept-based" monitoring capability. The use of predefined Content Concepts (ie Confidential data, NPI, SSN) provides an efficient, flexible and highly accurate way to monitor email traffic in real-time for the kind of information subject to regulatory compliance requirements.

Of course its best to prevent compliance infractions, however, in a changing landscape where new regulations can be generated both externally and internally its important to be able to identify if any previous email correspondence exposes the corporation to any potential risk or liability from these new rules. Background "after-the-fact" scanning is a SecurExchange feature that allows you to search your user's mailboxes or public folder using new or updated criteria or concepts to identify any past correspondence that could be a problem.

For example, a concept is defined to identify Nonpublic Personal Information, called the NPI Concept. The NPI Concept is able to identify emails containing information such as credit card numbers with checksum validation (PCI), social insurance (SIN) or social security numbers (SSN) and other personal information. Rules, called Smart Action Triggers™, that define what processing actions to take, are associated with the NPI Concept. The combination of Concept monitoring and Smart Action Triggers (SAT) provides the power that enables SecurExchange to properly identify and process messages that meet the NPI Concept conditions.

Because distribution of NPI information is restricted SecurExchange monitors all messages for the NPI Concept. When a message is identified SecurExchange checks to make sure its being sent to an authorized recipient before allowing Exchange to process delivery. If not, message delivery is blocked. Additional SAT actions can be defined and attached to the concept providing total control over message processing. In the instance of a blocked message it can be quarantined and a copy instantly forwarded to the compliance officer. A notification to the sender can also be returned advising them the message was blocked. In the case of authorized message delivery the "ARCHIVE" Smart Action Trigger could be invoked and a copy of the message written to create a permanent record in an MS SQL archive database.

A number of the SecurExchange Family of products can address Information Leakage issues:

To find out more about protecting your Exchange Server environment and dealing with your business email challenges, visit Nemx SecurExchange or contact us today!

More Solutions: Privacy and Compliance | Acceptable Use | Information Leakage | Threat Prevention

More About SecurExchange: General | Fact Sheet | FAQS | Download