Mail Data Protection Strategies after the Personal Data Protection Law passed - Cellopoint DLP solution

– 2010/4/23 –
Since the Computer-Processed Personal Data Protection Law was issued in 1995, it had mainly regulated the public authorities and the eight industries otherwise not to encroach upon people’s personality rights when processing personal data with computers. The Legislative Yuan is now deliberating on the new version of Personal Data Protection Law, which will no longer specify the applicable industries and all industries will have to comply with. However, in order to prevent frauds from worsening, the government asked non-store retailers to be applicable to the Personal Data Law from July 1st before the approval of the new law, asking related industries to protect personal data well to prevent frauds from happening. But these provisions and articles of the law are verbose (complicated). Companies always have trouble in how to comply with it when faced with the legality. With slight negligence, they are very likely to have an operational crisis of being suspected of being involved in data leakage and violating the Personal Data Law.

Cellopoint concludes two categories that account for data leakage:

  1. E-mail of daily business necessities, Internet surfing within the company, and the USB devices.
  2. Irrelevance to Non-daily business of IM (instant messaging), file-sharing, etc.

Therefore, when planning the organization data protection strategies, the organization structures, data types, and data streams are required be clarified. Data types are classified as E-mail, file-sharing, FTP, and IM while data streams are of data lifecycle management. Only after understanding them can the easy-to-be-managed information security policy be set up to meet the needs of the company and its regulation compliance.

As far as E-mail data protection is concerned, it is divided into two parts and conducted by following the aforementioned methods.

  1. Intensify transmission security. Using the TLS gateway encryption doesn’t interfere with the users behaviors and that establishes the secure E-mail VPN, protecting the E-mail communication securities between partners and customers. Flexible TLS options can encrypt the E-mail to-and-fro between two units to protect the confidential information.
  2. Check the mail contents to prevent data leakage. The Cellopoint DLP solution provides the precise, deep detection for mail contents, which can prevent E-mail from leakage due to negligence. When an outgoing mail is detected to bring sensitive information, such as names, identification cards, and credit cards, the Cellopoint DLP solution can immediately pause sending the mail and touches off the following actions:

a. Move the mail to the pending archive.
b. Re-transmit to the checkers or superintendents.
c. Send out the mail after automatic encryption.
d. Directly remove it to prevent the sensitive mail data from leakage and centralize the
checking records for inquiries.

Cellopoint DLP is a complete data leakage solution. It incorporates simultaneous mail transmission security and mail content checking, leaving the composition, transmission, opening, deletion, and the life cycle of the mail under protection.