Outbound Workflows for Data Loss Prevention

Description

Data Loss Prevention (DLP) is a security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data. Shield's Email Traffic Control helps you orchestrate outbound sending behaviors using outbound workflows.

Only Shield Admins with the Superuser or Administrator role may create, modify, or delete workflows and workflow templates.

Sensitive Data Types

Email Traffic Control offers the following sensitive data to be automatically protected for outbound delivery:

Bank Account Number Detects US routing numbers, IBAN, and bank account numbers
Credit Card Number Detects credit card numbers for major card types (Visa, MasterCard, American Express, etc.)
Date of Birth Detects dates of birth with contextual keywords in various formats
Financial Information Detects common financial information like credit cards, bank accounts, and tax IDs.
Phone Number Detects US and international phone numbers in various formats
Passport Number Detects passport numbers for US, UK, EU, Canada, and Australia
Personal Identifiable Information (PII)  Detects common PII patterns including SSN, credit cards, phone numbers, and more.
Protected Health Information (PHI) Detects common PHI keywords and patterns in text
Social Security Number Detects US Social Security Numbers in format XXX-XX-XXXX or XXXXXXXXX
Tax ID / EIN  Detects US Tax Identification Numbers including EIN and ITIN formats
US Driver's License Detects US driver's license numbers in various state formats

Deliver Email Securely

Deliver the email securely using Transport Layer Security (TLS 1.3) with a fallback to Bracket if the TLS connection is not supported. 

If the Shield organization is not configured with Bracket and the Shield user is not licensed for Bracket, the message will be held for review. 

To create this workflow, go to your parent organization or to a specific customer organization, then:

Add outgoing workflow - sensitive data via TLS or Bracket.png
  1. Click on Workflows.
  2. Under Build a Workflow, click Create.
  3. Enter a Name and Description for the workflow.
  4. Under Trigger type, select Outgoing email.

  5. Click Add.

    Workflows are enabled by default. If you are not ready for the workflow to be enabled, please click on Disable before adding conditions or actions to the workflow. 

  6. Click Add conditions on the workflow's conditions and actions builder page.DLP TLS or Bracket - Conditions and Actions.png

  7. On the New Condition page, click in the Search field and scroll to the Message section to choose from: 

    Email Content Checks the content of the email body for sensitive information
    Message Body Checks the content of the email body
    Subject Line Checks the subject line of the email
  8. Check the Add condition box to continue adding sensitive data conditions, if applicable, then click Add. New Condition - Add more conditions.png
    The workflow can trigger on Any or All conditions, configurable after all conditions are added. 
  9. Click on Add actions.
  10. On the New Actions page, click in the Search field and scroll to the Security section to choose Deliver email securely.
  11. Click Add.

The workflow is now created for the current Shield organization. Click on the vertical ellipsis () menu in the upper-right corner to choose to convert the workflow to a template or delete the workflow.

Deliver Email with Bracket

Deliver email with Bracket to ensure that the recipient is required to sign in to Bracket to view the message. 

In order for this action to be successful, the Shield organization must be configured with Bracket and the Shield user must be licensed for Bracket. If not, the message will be held for review. 

Add outgoing workflow - sensitive data via Bracket.pngTo create this workflow, go to your parent organization or to a specific customer organization, then: 

  1. Click on Workflows.
  2. Under Build a Workflow, click Create.
  3. Enter a Name and Description for the workflow.
  4. Under Trigger type, select Outgoing email.

  1. Click Add.

    Workflows are disabled by default. Please ensure it remains disabled until all conditions or actions are added to the workflow.

  2. Click Add conditions on the workflow's conditions and actions builder page. DLP Bracket - Conditions and Actions.png

  3. On the New Conditions page, click in the Search field and scroll to the Message section to choose from: 

    Email Content Checks the content of the email body for sensitive information
    Message Body Checks the content of the email body
    Subject Line Checks the subject line of the email
  4. Check the Add condition box to continue adding sensitive data conditions, if applicable, then click Add. DLP Bracket New Condition - Add more conditions.png
    The workflow can trigger on Any or All conditions, configurable after all conditions are added. 
  5. Click on Add actions.
  6. On the New Actions page, click in the Search field and scroll to the Security section to choose Deliver email with Bracket.
  7. Click Add.

The workflow is now created for the current Shield organization. Click on the vertical ellipsis () menu in the upper-right corner to choose to convert the workflow to a template or delete the workflow.

Related to

Updated

Was this article helpful?

0 out of 0 found this helpful