The NextLabs Misdirected Communications solution enable busineses to:
- Proactively prevent misdirected communications. Ensure that information is disclosed to correct e-mail recipients before data loss occurs.
- Leverage identity to manage fine-grained policies. Precisely determine who can disclose what information, where, how, and with whom.
- Automatically remediate attempted violations. Correct misdirected e-mail attempts or create an exception, without administrator intervention.
- Monitor and track user activities. Fully audit all communications to understand compliance goals, close gaps, and track any exception cases.
- Achieve compliance fast. Apply pre-built policies and reports, while leveraging IdMS, CRM, and document management systems for high scalability across thousands of users and millions of documents.
Prevent Misdirected Communications and Disclosure of Confidential Data
High-profile cases of communications that are misdirected to improper recipients have resulted in loss of business and credibility for today's leading enterprises. Examples include:
- The law firm of a large pharmaceutical company, Eli Lilly, accidentally disclosed a billion-dollar lawsuit to a New York Times reporter, ending up as front-page news, creating brand damage.
- Deutsche Bank was dropped from the Hertz IPO, costing them millions in fees, when a rogue e-mail was circulated by one of the investment bank's employees.
- A misdirected e-mail prevented a military convoy in Iraq from being recalled, costing lives.
Unfortunately, hitting "recall" on an e-mail after a mistake has been made is not a dependable solution, especially when confidential information, such as intellectual property, client account information, or business plans have high market value. A proactive solution is needed that can identify the proper recipients of sensitive data and enable proper disclosure, before messages leave the organization, resulting in data loss.
Unlike network-based approaches that block content from leaving the network and require IT support to help determine the intended purpose of quarantined e-mail, the Misdirected Communications Solution is host-based, enabling it to evaluate each user's attempted disclosure in real time, based on sender and recipient identity. Data is protected at the source before it leaves the desktop, with immediate remediation for any policy violations through user interaction..
The Misdirected Communications solution integrates transparently with messaging clients, such as Microsoft Outlook, while leveraging identity management and CRM systems as needed, to precisely determine who can communicate what information, where, and with whom.
Fine-grained policies are used to determine when a user attempts to send a message or attachment to improper recipients. If violations occur, Policy Assistants provide self-guided workflow that quickly enable users to remediate errors or allow for exception cases, without disrupting productivity or requiring additional IT overhead. This highly scalable solution consists of the following:
- Identity-Driven Policy Controls. The solution integrates transparently with existing messaging systems to identify when and where specific users attempt to improperly disclose confidential information, and to whom.
- Support for CRM and Document Management Systems. CRM systems that classify and maintain confidential information associated with clients and users are easily leveraged to apply controls; a single policy, based on CRM definitions, can now govern disclosure to only proper recipients, resulting in a highly scalable solution.
- Proactive Remediation without Costly Administrator Intervention. When the risk of a policy violation occurs, users are automatically prompted to take action to fix the error, in real time, with all activity logged for central auditing. IT administrators are not required to understand each user's intent or authorized recipients.
- Automated Workflow to Reduce Risks. Pre-built Policy Assistants integrate transparently at the desktop to educate users about policy violations, highlight errors, and provide a course of action to prevent data loss, all without slowing productivity.
Companies can now confidently prevent inappropriate disclosure of confidential e-mail that can lead to data loss, damage business integrity, and compromise client confidence.
Misdirected Communications Applications
The solution is pre-built with policy objects and components. Policy sets can be easily customized to the environment or used as templates to create new policies. Examples include:
- Prevent users from distributing client account documents to the wrong clients.
- Allow investment research to be e-mailed only to research analysts, whether inside or outside the company.
- Log all attempts to distribute confidential files to unknown recipients.
Aerospace & Defense
The solution provides controls across enterprise messaging clients to create a consistent boundary. Example policies include:
- Deny ITAR-controlled technical documents from e-mail disclosure to non-US, non-project team members.
- Allow project files to be disclosed only internally or to authorized supply chain partners and subcontractors.
- Monitor attempted ITAR violations over e-mail and log for compliance auditing.
Design and Manufacturing
The solution provides controls across multi-channel communications to create a boundary that is consistent across voice and electronic communications applications (IM, e-mail, VoIP, Web conference, etc.). Example policies include:
- Initiate approval procedures whenever users try to disclose project documents to recipients outside of the team.
- Allow design contractors to e-mail CAD drawings only to recipients at the Company domain.
- Prevent any of Client Company A's intellectual property from being sent to Client Company B.