|
This white paper will describe the techniques and capabilities required to provide intelligent, effective content analysis for email monitoring, compliance and control applications and discuss the shortcomings of traditional key word/key phrase solutions.
At the same time as this burgeoning growth in email volume and use has occurred enterprises are facing numerous strict new regulations, both externally and internally imposed, governing the disclosure, safekeeping and distribution of personal, private, financial and other corporate sensitive information.
No wonder email content control has become a major concern for virtually every organization.
Email Control--Understanding the Issue
Effective management and control of the information flowing through corporate email systems is imperative, in some cases mandatory. As the statistics above clearly illustrate, organizations have seen their corporate email system become a de facto repository and distribution mechanism for the vast majority of their data and corporate knowledge. What's more, vast amounts of personal, non-business related, and other types of possibly inappropriate information is flowing through (and stored within!) corporate email networks.4 Once inside the email environment it is extremely difficult to protect and control the information.
In recent years new rules and laws have been enacted such as the Sarbanes-Oxley Act (SOX), Gramm-Leach Bliley Act (GLBA), Health Insurance Portability & Accountability Act (HIPAA), SEC Rule 17a, Personal Information Protection & Electronic Documents Act (PIPEDA, Canada), and others that strictly govern the protection, use and sharing of specific types of information. All these regulations recognize email as a valid record of corporate communication, conversation and behaviour. This has had far reaching implications in terms of corporate risk and liability associated with the use of email. Email is frequently targeted and subjected to serious scrutiny during any compliance investigation, legal proceeding, or dispute of any kind.
Corporate enforcement of regulatory controls is mandatory, but organizations have also been quick to recognize the "best practices" embodied by these legislated regulations and this has sparked renewed emphasis on implementing and enforcing an organization's own internal corporate policies and practices, in addition to their legal or regulatory obligations. The challenge, of course, is how to enforce these internal rules (as they apply to email) when they can be so diverse and potentially unique within any given company.
At the same time as this burgeoning growth in email volume and use has occurred enterprises are facing numerous strict new regulations, both externally and internally imposed, governing the disclosure, safekeeping and distribution of personal, private, financial and other corporate sensitive information.
No wonder email content control has become a major concern for virtually every organization.
Email Control--Understanding the Issue
Effective management and control of the information flowing through corporate email systems is imperative, in some cases mandatory. As the statistics above clearly illustrate, organizations have seen their corporate email system become a de facto repository and distribution mechanism for the vast majority of their data and corporate knowledge. What's more, vast amounts of personal, non-business related, and other types of possibly inappropriate information is flowing through (and stored within!) corporate email networks. Once inside the email environment it is extremely difficult to protect and control the information.
In recent years new rules and laws have been enacted such as the Sarbanes-Oxley Act (SOX), Gramm-Leach Bliley Act (GLBA), Health Insurance Portability & Accountability Act (HIPAA), SEC Rule 17a, Personal Information Protection & Electronic Documents Act (PIPEDA, Canada), and others that strictly govern the protection, use and sharing of specific types of information. All these regulations recognize email as a valid record of corporate communication, conversation and behaviour. This has had far reaching implications in terms of corporate risk and liability associated with the use of email. Email is frequently targeted and subjected to serious scrutiny during any compliance investigation, legal proceeding, or dispute of any kind.
Corporate enforcement of regulatory controls is mandatory, but organizations have also been quick to recognize the "best practices" embodied by these legislated regulations and this has sparked renewed emphasis on implementing and enforcing an organization's own internal corporate policies and practices, in addition to their legal or regulatory obligations. The challenge, of course, is how to enforce these internal rules (as they apply to email) when they can be so diverse and potentially unique within any given company.
|
