I'm reaching here, but I figured I'd ask ...
I'm trying to set up DLP for a client (a financial institution) who certainly needs to protect sensitive information. However, there are some specifics that need to be considered and I'm not sure how to approach them.
Right now, the OOTB DLP policies do a fantastic job of recognizing plain text information throughout an email and its attachments, though they don't recognize that info in images. Also, my client isn't as interested in flagging sensitive information in attachments because there is already an encrypt rule in Exchange for every email with an attachment going to external addresses. Also, some users use the Citrix ShareFile Outlook add-in and those attachments don't seem to be scanned by DLP (the OME must be added after the email is sent, if DLP is designed not to scan an encrypted attachment ... or maybe DLP just can't see the ShareFile-specific attachments?). Lastly, it would be nice to only encrypt emails with attachments if sensitive data is recognized, which is possible I know, but if DLP doesn't have OCR capabilities to "see" that info on images, the Exchange Rule wouldn't meet the compliance requirement to prevent the leak of sensitive information.
So, in an effort to unpack all this:
- Are there OCR capabilities to scan images somewhere in the DLP framework, which I'm overlooking?
- Is there a way to avoid flagging senders for including sensitive information in an attachment, if it's tagged for encryption by an Exchange Rule?
- Why isn't sensitive information in a Citrix ShareFile attachment flagged?
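The post says that encrypting outbound mail only when it carries an attachment *and* DLP recognizes sensitive data is possible. Below is an added example (editor's illustration, not code from the original poster) of what such an Exchange Online mail flow rule looks like in PowerShell. The rule name, the 1 KB attachment-size threshold used as a stand-in for "has an attachment", and the two sensitive information types are assumptions; the cmdlet and parameter names are standard Exchange Online Management ones. It still inherits the limitation the post describes: classification runs on extracted text, so a scanned image of an SSN in an attachment will not trigger it.

```powershell
# Added example: conditional OME rule, not part of the original post.
# Requires the ExchangeOnlineManagement module and an admin with the
# Transport Rules role; run Connect-ExchangeOnline first.
Connect-ExchangeOnline

# List the built-in sensitive information type names to pick from
# (names below are assumed to exist in this tenant's catalog).
Get-DataClassification | Select-Object Name | Sort-Object Name

$rule = @{
    Name        = "Encrypt external mail with attachment and sensitive data"  # assumed name
    Priority    = 0                      # evaluate before the broad "encrypt all attachments" rule
    SentToScope = "NotInOrganization"    # external recipients only
    # There is no direct "has attachment" predicate on New-TransportRule;
    # a minimal size threshold is a common stand-in (assumption: 1 KB is small enough).
    AttachmentSizeOver = 1KB
    # Fire only when DLP's text classifiers find sensitive data in the body or
    # attachments. Image-only content is NOT detected here (no OCR in this path).
    MessageContainsDataClassifications = @(
        @{ Name = "Credit Card Number";                 minCount = "1" },
        @{ Name = "U.S. Social Security Number (SSN)";  minCount = "1" }
    )
    # Apply the built-in "Encrypt" OME template to the message.
    ApplyRightsProtectionTemplate = "Encrypt"
    Comments = "Added by editor example: encrypt only when attachment + sensitive data match."
}

New-TransportRule @rule

# Verify the rule landed with the intended conditions and action.
Get-TransportRule -Identity $rule.Name |
    Format-List Name, Priority, SentToScope, AttachmentSizeOver,
                MessageContainsDataClassifications, ApplyRightsProtectionTemplate
```

Design note: keeping this rule at a higher priority than the existing "encrypt every external attachment" rule lets you measure how often it fires (via message trace or rule reports) before deciding whether the broad rule can be retired. Because the condition depends on text classification, any compliance argument that relies on it must acknowledge the image gap the post raises; OCR is a separate capability question, not something this rule provides.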
