Countermeasures against misdirected e-mails
HENNGE Email DLP
The Problem of Email Mistakes
Mistakenly sent e-mails are often caused by inadvertent errors such as wrong addresses or attached files.
Accidents involving the handling of personal information are also often the result of email miscommunication, and this is one of the issues that companies must address as part of their information leakage prevention measures.
While there are some methods that require human intervention, such as double-checking by coworkers or superiors or requiring finger pointing before sending, these methods are becoming more difficult to implement due to changes in the work environment, such as increased efficiency and hybrid work styles.
Flexibly configurable for each business partner and each person
Email misdelivery countermeasure solution that can be flexibly configured for each business partner and person.
“HENNGE Email DLP”.
HENNGE Email DLP is a solution that works in conjunction with Microsoft 365 or Google Workspace email services to prevent email misdirection.
Not only can you set up filters such as temporary hold and supervisor approval according to your clients and sending users, but you can also select the sending method of attachments according to the security policy of the sending recipient.
Example of use
A sales department that frequently exchanges many e-mails with people outside the company is frequently sending erroneous e-mails and would like to take measures to prevent such miscommunications.
When an employee in the sales department sends an e-mail to an outside party, the e-mail is put on hold for 10 minutes so that team members can delete or stop the e-mail during the hold period.
I am concerned that a prospective retiree may have sent an e-mail containing confidential information outside the company.
When a prospective retiree sends an e-mail to outside the company, automatically add his/her supervisor to Bcc.
We want to deploy company-wide automatic URL conversion of e-mail attachments as a PPAP measure, but we want to send only to group companies without changing the attachment.
If the recipient is the domain of a group company, send the attachment as is without encryption.
Whenever a support person sends an e-mail to an external address, I want to include the support-only group address in the CC.
If a support person’s e-mail to a customer does not include the support-only group address in the CC, the e-mail will be automatically deleted.
By setting filter rules according to business partners and sending users
E-mail error countermeasures are implemented for outgoing e-mails
Mail processing operation and mail processing contents
| Processing Operation | Content of processing | |
|---|---|---|
| Filtering | Temporary hold | Temporarily holds outgoing mail and allows deletion of mail during the hold period |
| Delete | Deletes e-mails that meet pre-defined conditions | |
| Supervisor Approval | Outgoing mail can be temporarily put on hold and sent only after approval by a supervisor. | |
| Add Bcc | A specific email address can be added to the Bcc of emails that meet pre-defined conditions and sent. | |
| Team Mail | Temporary hold on outgoing emails, allowing team members to delete or stop sending emails during the hold period. | |
| Sent files | Automatic URL conversion of attached files (HENNGE Secure Download) | Enables automatic URL conversion of email attachments as a countermeasure against PPPAP |
| Automatic ZIP encryption of attachments | Enables automatic URL encryption of email attachments | |
| Others | Forced conversion of external email addresses | When an external mail address exceeding the threshold value is listed in the To, Cc, or Bcc field, Mail headers can be forced to be split if an external mail address exceeding the threshold is included in the To, Cc, or Bcc field. |
| Group Information Synchronization | Distribution Groups and Security Groups in Microsoft 365, Google Workspace Google Groups information can be synchronized. | |
Example of mail filter settings
| By whom | To whom | What rules | What to do | Expected Effects |
|---|---|---|---|---|
| Group of sales employees | To outside parties | Check the number of destination domains (2 or more) | Temporary hold (5 minutes) | Alerts the recipient that an incorrect third-party domain has not been added Alert the user whether the wrong third-party domain has been added. |
| Product Development Employee Group | To outside parties | Check for specific keywords (e.g., letters such as “Outside Confidential”, credit card numbers) | Approval | Identify the information you want to protect with keywords, Prevent leakage of confidential information |
| Prospective retirees | To outside parties | Add to BCC | Add BCC | Forward email correspondence of a prospective retiree Forwarding email correspondence to a supervisor or other person without notifying the individual |
| Internal users | To an external recipient | Check mail size (5MB or larger) | Secure Download | If the mail size including attachments attachments are automatically sent in Secure Download Secure download is used to send the file. |