× Overview Videos Screen Shots FAQ Update History Order Now Download User Guide
☰ UserGuide
Download Buy Now

DLP Content Scanning


Overview

How can you ensure that your users are not accidentally (or intentionally) sending out sensitive or restricted information?

SendGuard can scan email contents (body, subject and attachments) for specific words or data patterns and warn/block users if it finds any potentially sensitive or restricted content.

SG DLP Prompt

IT admins can configure SendGuard DLP to scan emails for Credit Cards, Social Security Number, Profanity Lists. Regular Expressions (Regex) can be used to define any search pattern or word list.

The prompts can also be configured to allow different options based on the severity of the information detected (e.g. block the email or allow with user confirmation).

SendGuard can be configured to keep a log if users choose to send out an email despite the warning.

How to Set Up DLP Content Scanning?

Using DLP Builder

  1. Open Outlook.
  2. Click on the Standss Outlook Addins tab on the ribbon.
  3. Click on SendGuard and then click Settings to open the Settings screen.
  4. Click on the Data Loss Prevention tab.
  5. Ensure Enable DLP checkbox is ticked.
  6. Click on Create DLP Using Templates button to open DLP Builder Screen.
    SG DLP Builder Prompt
  7. Select one of the predefined templates from the list or Custom to add your own rule.
  8. Edit the rule if needed (Note: The rules are written as Regular Expression).
  9. Select an Action to be taken if content is detected from the dropdown list.
  10. Type Rule Name to be displayed on prompt.
  11. Click OK to Add the Rule.
  12. Repeat the above steps to add more rules.

Manually

You can define what you want scanned and the associated actions either in the registry or on the DLP tab of the settings screen.

SG DLP Settings

You can define multiple DLP Rules on this screen. Each new rule must start on a new line and end with a semi-colon (;).

Type::Action::Regex

Each DLP content has 3 parts to it, these are:

  • Type: This is a text description of the type of DLP (E.g. Credit Card, SSN)
  • Action: The Actions are the types of actions to take when some content is found. These actions have severity levels:
    • Block: This is the highest severity level where the user is not allowed to send the email
    • TypeSend: This is the medium severity level where the user has to type SEND before clicking Send
    • CheckBox: This is the lowest severity level where the user has to tick a checkbox before sending.
  • Regex: This is the regular expression which is used to search in the email or attachments.
  • Add multiple DLP Rules by separating them using a semicolon (;)

DLP Syntax Examples

US social security number (SSN)::Checkbox::([^0-9-]|^)([0-9]{3}-[0-9]{2}-[0-9]{4})([^0-9-]|$);

UK national insurance number (NINO)::Checkbox:: [A-CEGHJ-NOPR-TW-Z]{2}[0-9]{6}[ABCDs]{1};

Visa Credit Card::TypeSend::4(?<=\b(?<!\.)4)\d{3}[\W\s]?\d{4}[\W\s]?\d{4}[\W\s]?\d{4}\b;

Mastercard 1::TypeSend::5(?<=\b(?<!\.)5)[1-5]\d{2}[\W\s]?\d{4}[\W\s]?\d{4}[\W\s]?\d{4}\b;

Mastercard 2::TypeSend::5(?<=\b(?<!\.)5)([\W\s][1-5])([\W\s]\d){14}\b;

American Express 1::TypeSend::3(?<=\b(?<!\.)3)(4|7)\d{2}[\W\s]?\d{2}[\W\s]?\d{4}[\W\s]?\d{5}\b;

American Express 2::TypeSend::3(?<=\b(?<!\.)3)([\W\s](4|7))([\W\s]\d){13}\b;

Profanity::Block::Stupid|Profanity|TriggerProfanity|5h1tt;

Configuring by Changing the Registry directly.

You can also change the registry key directly:
DLP_Content

The format for the setting is similar to the instructions above.

Note that each different DLP Rule will need to be end with a semi-colon. You do not need to put in line breaks.

Supported Content Types

  • Email Content (Body)
  • Email Subject
  • Attachment File Name
  • Inside Attachments (Below are supported files)
    • Text: txt, csv, and any files that can be read by a text reader
    • PDF: pdf
    • HTML: html
    • Word: doc, docx
    • PowerPoint: pptx, ppt
    • Excel: xls, xlsx, xlsm, xlt, xltx, xltm
    • RTF: rtf
    • ZIP: zip (fully recursie)
    • MSG: msg (fully recursive)

Deploying Settings to Many Users

The settings can be pushed out using ADMX/ADML files and GPO (or your preferred deployment software).

It is recommended that you test the DLP rules using the SendGuard settings screen before deployment.

Please contact us at support@standss.com for our Administrators Guide and the ADMX/ADML files (or if you need help with your DLP Rules).

30 Day Money Back Guarantee


We are so confident about our software, that we offer a 30-day money-back guarantee!
This way, you can try SendGuard without risking a cent of your money.
If you aren’t satisfied for any reason, or it doesn’t live up to your expectations, you won’t be out one red cent. Just e-mail us and we’ll refund your entire payment. Right up to the final day of your 30-day guarantee. No Questions Asked!

Buying For Your Team?


Volume discounts available, contact our sales team for a quote now

Contact Sales

© , Standss (South Pacific) Limited. All Rights Reserved.