Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 0 subscribers
  • Views 9742 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Question about encryption

Antioch

I have a sophos email appliance and I need some help around encrypted emails and data controls. 

What im attempting to do is when the appliance encrypts an outgoing message to set something up where data controls wont review the message and flag it for restricted content. Basically I want emails to be encrypted and have no review of content. The trouble with this is that can set deliver immediately as a main action  (which ignores any other rules) but I cant tell it to encrypt the email as well, and vice versa. I toyed with the idea of adding something to the header of the email then setting up data controls to disregard messages from the header but that has the potential to ignore email messages that shouldnt be ignored, and as i found out, Sophos does not allow exclusion by specific header names, only inclusion. That statement is slightly confusing but what I mean by that is that I can look for specific header names to include, but I cannot exclude a message with a specific header, leaving me with the daunting prospect of marking every message that is not confidential with a header as an inclusion rule, rather than exclude the relatively small amount of encrypted emails that go out. Is there around this that im not seeing?

:43747


This thread was automatically locked due to age.
Parents
  • 0

    I actually got this sorted out. I contacted sophos customr service on the matter and what they had me do was setup a rule under data controls that picks up the encryption flag from outlook and handles it. Heres how were setup and what I did to get it working:

    Currently we have it setup so that when a user creates a new message and flags it under tags as confidential the sophos appliance picks this up and encrypts it. We had the ruleset to do this under additional policies. We had our dlp rule under data controls. According to sophos support anything under data controls is processed first. So what support had me do is under data control create a new rule as "Messages matching specific words or phrases", then under message attributes add 2 headers. For the first header enter "Subject" as the name and select "is (exact match)" and use the value of "[confidential]" (with brackets). For the second header use "Sensitivity" as the header name, "is (exact match)" and for the value use "company-confidential". from the there the rest of the setup is easy. Just use encrypt as the main action and the rest of the options to suit. When this is all finished the rule needs to go to the top of the order to prevent any dlp rules from firing from it.

    :44513
Reply
  • 0

    I actually got this sorted out. I contacted sophos customr service on the matter and what they had me do was setup a rule under data controls that picks up the encryption flag from outlook and handles it. Heres how were setup and what I did to get it working:

    Currently we have it setup so that when a user creates a new message and flags it under tags as confidential the sophos appliance picks this up and encrypts it. We had the ruleset to do this under additional policies. We had our dlp rule under data controls. According to sophos support anything under data controls is processed first. So what support had me do is under data control create a new rule as "Messages matching specific words or phrases", then under message attributes add 2 headers. For the first header enter "Subject" as the name and select "is (exact match)" and use the value of "[confidential]" (with brackets). For the second header use "Sensitivity" as the header name, "is (exact match)" and for the value use "company-confidential". from the there the rest of the setup is easy. Just use encrypt as the main action and the rest of the options to suit. When this is all finished the rule needs to go to the top of the order to prevent any dlp rules from firing from it.

    :44513
Children
No Data
Unfiltered HTML