■ Policy resources
■ Premium Content Compliance resources
■ Compliance policy templates
■ About premium templates
■ Managing policy resources
■ Creating compliance policies
■ Archiving messages
■ Configuring TLS encryption for remote domains
About content compliance
Content compliance policies are used to filter email for specified content. Compliance policies can be used to:
■ Prevent confidential or sensitive information from being sent to competitors. ■ Ensure that employees are not sending or receiving messages that violate state
and federal regulations.
■ Protect sensitive customer and employee data from being sent to unauthorized individuals and organizations.
5
■ Limit ability of email users to communicate language or conduct activities contrary to your organization's values and policies.
■ Block email from marketing lists that generate user complaints or use up excessive bandwidth.
■ Block or redirect messages or attachments with specific content or specific file attachment types or filenames.
■ Control message volume and preserve disk space by filtering out oversized messages.
■ Block messages containing certain keywords or numbers that match regular expressions in their headers, bodies, or attachments.
When you create a content-compliance policy, you choose either a blank or pre-built policy template and specify the conditions that invoke the policy, the actions triggered by messages and attachments that meet those condtions, and the groups to which those actions apply. In order to use a pre-built policy template, you must have the Premium Content Compliance module licensed and enabled. See“Creating compliance policies”on page 182.
You can add or edit policy conditions by entering the following types of information:
■ Literal expressions (word, phrase, filename, file extension) ■ PERL-compatible regular expressions
■ File type
You can also configure conditions to reference policy resources. A policy can match message content against a resource that you have specified in a condition. The following policy resources are available for adding or editing conditions: ■ Dictionaries include keywords, phrases, filenames and file extensions. ■ Patterns are named regular expressions that you can use to configure a policy
condition.
■ Regular expressions are patterns embedded in a policy template's conditions. ■ Attachment List file metadata allows you to filter messages based on file type,
MIME-type, filename extensions.
■ Record resources provide field-delimited structured data sets (from your proprietray data sources) against which to test policy conditions.
Select the policy resource and the filter test that you want the policy condition to use to match message content. You can populate a custom policy resource, or you can edit existing resources by adding user-defined terms or disabling
Configuring content compliance filtering About content compliance
predefined terms and expressions. In some cases you need to add your own terms to a resource before it can be referenced by a policy condition.
If you have the Premium Content Compliance module licensed and enabled, premium resources are available for creating policy conditions.
See“Premium resources ”on page 431.
Premium pre-built policy templates include predefined conditions, or rules, that you can modify to suit your organization's specific policies regarding regulatory compliance, data confidentiality, acceptable use, and data security.
You modify pre-built compliance policy templates to meet your organization's requirements.
There are two types of pre-built policy templates:
■ Described Content templates provide pre-built conditions that reference existing policy resources, such as dictionaries.
Pre-built conditions can be logically combined in different ways to create new policies that are based on the template. For example, use this method when you need to create variable conditions for a policy depending on who is authorized to review messages that meet those conditions.
SeeTable 5-4on page 118.
■ Structured Data policy templates allow you to create policy conditions that reference proprietary data sets that you upload as Record resources. Properly configured policies based on Structured Data templates filter message content for proprietary data that you want to protect against data loss. You must create Views (data subsets) to designate the columns that a condition can reference in a Record resource. Using a Structured Data policy that references a Record resource can virtually eliminate the number of false positives returned by a similarly configured Described Content policy that relies solely on matching regular-expressions.
Note: Some policy templates provide both Described Content and Structured Data versions. Select the Structured Data version of a policy template only if you have access to and permissions for the relevant data source.
See“About premium templates”on page 126.
There are also policy resources for configuring actions. These include: ■ Optional archive tags allow you to specify anX-archive: headerto add to
messages that meet a policy's conditions for archiving. This can enable you to sort archived mail.
See“Archiving messages”on page 201.
97 Configuring content compliance filtering
■ Annotation templates allow you to configure standard comments that are added to emails that meet a policy's conditions.
See“Annotating messages”on page 160.
■ Notification templates allow you to configure email messages that automatically notify senders, recipients, or others of messages that meet a policy's conditions. You can choose to attach the original email or not.
See“Editing the notification template”on page 209.
You can select the actions, including those that reference policy resources, that you want the policy to take and the groups to which you want it to apply. In addition to creating compliance policies using resources and policy templates, you can further manage content compliance by:
■ Creating compliance folders to monitor incidents of noncompliance. See“Creating compliance folders”on page 205.
■ Managing incidents of noncompliance by defering actions and holding messages for review.
See“Managing incidents”on page 210.