(19)
(11)EP 2 873 202 B1

(12)EUROPEAN PATENT SPECIFICATION

(45)Mention of the grant of the patent:
18.03.2020 Bulletin 2020/12

(21)Application number: 13740137.8

(22)Date of filing:  09.07.2013
(51)International Patent Classification (IPC): 
H04L 12/58(2006.01)
(86)International application number:
PCT/US2013/049803
(87)International publication number:
WO 2014/011694 (16.01.2014 Gazette  2014/03)

(54) UNIFORM POLICY FOR SECURITY AND INFORMATION PROTECTION

EINHEITLICHE RICHTLINIE FÜR SICHERHEIT UND INFORMATIONSSCHUTZ

POLITIQUE UNIFORME DE SÉCURITÉ ET DE PROTECTION D'INFORMATIONS


(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

(30)Priority: 10.07.2012 US 201213545854

(43)Date of publication of application:
20.05.2015 Bulletin 2015/21

(73)Proprietor: Microsoft Technology Licensing, LLC
Redmond, WA 98052 (US)

(72)Inventors:
  • AYRES, Lynn
    Redmond, Washington 98052-6399 (US)
  • KABAT, Jack
    Redmond, Washington 98052-6399 (US)
  • KAKUMANI, Vikram
    Redmond, Washington 98052-6399 (US)
  • SANKARANARAYANAN, Vidyaraman
    Redmond, Washington 98052-6399 (US)
  • LIBMAN, Mashuri
    Redmond, Washington 98052-6399 (US)
  • STULL, Benjamin
    Redmond, Washington 98052-6399 (US)
  • KORETSKY, Anatoly
    Redmond, Washington 98052-6399 (US)

(74)Representative: Grünecker Patent- und Rechtsanwälte PartG mbB 
Leopoldstraße 4
80802 München (DE)


(56) References cited:
EP-A2- 1 193 925
US-A1- 2012 079 275
    Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention).


    Description


    [0001] Modern organizations find it desirable to apply policies for information protection across the lifecycle of that information. For example, in the context of information protection as part of an e-mail, the lifecycle extends from creation/authoring, to transport and delivery, to consumption. Throughout the lifecycle of the information, organizations need to be able to take a single policy and apply it consistently across the set of policy enforcement points applicable to the information. For e-mail, the policy enforcement points may include the e-mail client application at the time of e-mail authoring, e-mail servers applying the policy in transit, mail storage and delivery systems, and e-mail clients during e-mail consumption.

    [0002] Typically, an organization would have to author separate policies for the various policy enforcement points, such as perimeter and internal mail servers, mailbox storage systems, and e-mail clients like Microsoft Outlook® software, in order to achieve these goals.

    [0003] US2012079275 A1 discloses content filtering of e-mail in a network environment. The network environment includes a client machine, a policy server and an e-mail server. An e-mail message is authored at the client machine. Filter policy information is obtained by the client machine from the policy server, wherein the filter policy information defines a filtering policy for filtering of e-mail messages. The filter policy information is applied to the e-mail message by the client machine so as to effect the filtering policy.

    [0004] EP1193925 (A2) discloses an electronic messaging scheme that is configurable to prevent intentional and unintentional transmission of electronic messages subject to one or more access restriction conditions. In accordance with one aspect of this electronic messaging scheme, an electronic message is interrogated for an access restriction notice in response to a user command to transmit the electronic message, and a detected access restriction notice is responded to in accordance with a prescribed transmission policy.

    [0005] It is therefore the object of the invention to provide an improved method, email system and computer-readable medium for providing a data loss prevention policy on an email system on a single policy directive basis.

    [0006] This object is solved by the subject matter of the independent claims.

    [0007] Preferred embodiments are defined by the dependent claims.

    [0008] The following presents a simplified summary of the innovation in order to provide a basic understanding of some aspects described herein. This summary is not an extensive overview of the claimed subject matter. It is intended to neither identify key or critical elements of the claimed subject matter nor delineate the scope of the subject innovation. Its sole purpose is to present some concepts of the claimed subject matter in a simplified form as a prelude to the more detailed description that is presented later.

    [0009] Some embodiments of the present application provide systems and/or methods for the implementation and/or enforcement of an email policy for an organization's email system. A Data Loss Prevention (DLP) system may be implemented as part of the email system to effect e-mail policy enforcement. In one embodiment, the DLP system may comprise modules and/or processing that apply a DLP-defined policy. Such a DLP policy may define what is considered sensitive information and how that information should be treated during the various stages of the e-mail lifecycle, such as e-mail authoring, e-mail processing, e-mail auditing, and e-mail delivery. In one embodiment, a single, common DLP policy may be used to control all aspects of the e-mail lifecycle.

    [0010] In some embodiments, systems and methods for the implementation and/or enforcement of an email policy for an organization's email system are presented. A DLP policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that test emails for sensitive data. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation and enforcement of the policy. For example, a policy directive that identifies sensitive information may allow user override of the policy before sending the sensitive information. In this example, when sensitive information is detected in the authoring context, the system would notify the user of the discovered sensitive information and may insist that the user acknowledge sending of the sensitive information. It may be desired that the same policy, when evaluated on the mail server, would test for the presence of the sender's override in the mail metadata or else result in a Non-Delivery Report (NDR).

    [0011] One method embodiment comprises the steps of scanning and analyzing the email content for what the common policy defines as sensitive information. A single policy definition of what is sensitive content is applied uniformly across the message content and any attachments contained within the message. The common policy definition is uniformly applied to content extracted from the different file types that may be represented in attachments.

    [0012] One method embodiment comprises the steps of: receiving an email at said email server; sending the email to a DLP system module; the module applying the common DLP policy interpreted in the context of the e-mail server; and, upon detecting sensitive data within the email as defined by the common policy definition, applying the processing directives as specified in the policy. One such policy directive may be to reject mail messages unless the sender has decided to override the policy. Such override may be signaled by the presence of an override header within the email: if no override header is present in the email, an indication of at least one of a set of actions is sent back to the user/author according to the currently enabled processing modes in the DLP policy; if an override header is present in the email, the email is processed further according to the DLP policy. Another policy directive may instruct to educate the users as to the sensitive information detected in the mail. For this policy directive, the email server would skip the directive, as no education directive is available or enforced in the e-mail server. Another policy directive may instruct to reject mail submissions upon the detection of sensitive content, in which case the server would reject the e-mail message.

    [0013] In addition, one embodiment of a system is provided that comprises an email server; a set of email clients in communication with the email server; and a DLP system module, the DLP policy module being capable of enforcing a set of policy rules upon emails authored by users of the email system, wherein the DLP policy module further comprises a set of action modules capable of testing the emails for sensitive data, determining if the emails contain the policy-defined sensitive content, and applying the policy directives within the context of the authoring experience. One such policy directive may be to reject mail messages unless the sender has decided to override the policy. Such override, when evaluated in the authoring context, may result in requiring the user to override the mail policy before sending the mail. The user override action would then be recorded in the email as part of the policy processing data, for example as part of a message header or the MIME message content. If no override is provided by the user, the sender would be prevented from sending the message per the common policy definition. Another policy directive may instruct to educate the users as to the sensitive information detected in the mail. For this policy directive, the authoring context may present information to the user about the detected sensitive content and the applicable policies governing that information without impacting the user's ability to transmit the information. Another policy directive may instruct to reject mail submissions upon the detection of sensitive content. For this policy directive, the authoring context may prevent the user from submitting the message into the mail system.

    [0014] In addition, one embodiment comprises the steps of: delivering an email at said email server to the recipient's mailbox; sending the email to a DLP system module; and the module applying the common DLP policy interpreted in the context of the e-mail mailbox delivery system, the DLP policy module being capable of enforcing a set of policy rules upon emails in the delivery system, wherein the DLP policy module further comprises a set of action modules capable of testing the emails for sensitive data, determining if the emails contain the policy-defined sensitive content, and applying the policy directives within the context of the delivery system. One such policy directive may be to reject mail messages unless the sender has decided to override the policy. Such override, when evaluated in the delivery context, may result in requiring that the message have a header present indicating a previous action of the sender to override the mail policy before sending the mail. If no override header is present, the mail would be removed and not delivered to the user. Another policy directive may instruct to educate the users as to the sensitive information detected in the mail. For this policy directive, the delivery context may apply disclaimer notifications to the mail indicating the presence of the sensitive information and requiring the receiver's acknowledgement of the presence of this information before accessing the message content. Another policy directive may instruct to reject mail submissions upon the detection of sensitive content. For this policy directive, the delivery system would discard any such messages received.

    [0015] Other features and aspects of the present system are presented below in the Detailed Description when read in connection with the drawings presented within this application.

    BRIEF DESCRIPTION OF THE DRAWINGS



    [0016] Exemplary embodiments are illustrated in referenced figures of the drawings. It is intended that the embodiments and figures disclosed herein are to be considered illustrative rather than restrictive.

    FIG. 1 depicts one embodiment of a system that effects policy, as made in accordance with the principles of the present application.

    FIG. 2 depicts one embodiment of an implementation and operation of a policy system in a context of e-mail as made in accordance with the principles of the present application.

    FIG. 3 depicts one embodiment of a system mail server processing subsystem as it may interface with a policy system in the context of e-mail.

    FIG. 4 is one embodiment of one exemplary DLP policy directive, as it might be implemented for a putative customer email system in the context of the authoring and processing subsystems.


    DETAILED DESCRIPTION



    [0017] As utilized herein, terms "component," "system," "interface," and the like are intended to refer to a computer-related entity, either hardware, software (e.g., in execution), and/or firmware. For example, a component can be a process running on a processor, a processor, an object, an executable, a program, and/or a computer. By way of illustration, both an application running on a server and the server can be a component. One or more components can reside within a process and a component can be localized on one computer and/or distributed between two or more computers.

    [0018] The claimed subject matter is described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the subject innovation. It may be evident, however, that the claimed subject matter may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate describing the subject innovation.

    Introduction



    [0019] Several embodiments of the present application disclose systems, methods and mechanisms that effect an email policy object model that may comprise:
    (1) Semantics to express that a single policy definition may be shared in multiple policy enforcement points such as authoring, transport, delivery and audit, with the appropriate action for each. The format for the common policy definitions includes policy directive descriptions, the definition of sensitive information and rules for its detection, policy override directives, policy education and notification directives, and false positive reporting.
    (2) A single policy object which expresses the definition and heuristics for discovery of sensitive information across multiple policy enforcement points such as authoring, transport, delivery, audit, etc.
    (3) Multiple modes for a policy that affect its application within each policy enforcement point and result in a contextual application within it: a Test mode that allows administrators to model the impact of the policy before it is enforced; a Test mode with notifications that educates and notifies the Information Workers (IWs) about the impact of the policy before it is enforced; and an Enforcement mode which both communicates the policy to the admin and IW and enforces the policy directive.
    (4) Semantics to express at authoring time that the policy may be overridden by the end user, with the modifications respected in transport, in delivery and at rest.
    (5) Semantics for modeling the user interface effects as part of policy creation.
    (6) Multiple linked objects which express the policy in different locations such as the e-mail client, transport and mailbox.
    (7) Formats for carrying policy modifications from the end user along with the e-mail so that they can be respected in transport, in delivery, at rest, etc. This includes policy overrides and false positive reporting.
    (8) Aggregation and presentation of the policy audit information collected across the different policy enforcement mechanisms through the lifecycle of the information protection, such as the e-mail client, transport and at rest.


    [0020] Several operations that may operate upon the policy may comprise: creation, update, reads and deletion of the object and of the linked objects that express the policy in different locations.

    [0021] In addition, the runtime behavior for mail subject to the policy may comprise: Detection, Enforcement, Logging, Reporting, and End user policy directive interactions.

    One Embodiment



    [0022] FIG. 1 is a schematic diagram of a policy system as made in accordance with the principles of the present application. As may be seen in this embodiment, there may be several general policy modules that may work with various electronic storage systems and/or servers that may be set up across a given organization. Broadly, there may be a Policy Management System, multiple policy enforcement points, and an Audit System for the setting and testing of a policy.

    [0023] As may be seen in FIG. 1, Policy Management System 100 may comprise a policy authoring system 102, a policy store 104 and a policy dissemination system 106. As will be discussed in further detail herein, these policy modules may be employed to set and disseminate a policy for the organization. Policy may be effected by various policy translation/mapping systems 108, which understand the generic policy directives and transform them into the format contextually understood by the policy enforcement points; these may interface with various electronic data subsystems, e.g., Mail Delivery Systems 110, mail client systems like the Microsoft Outlook® system 112, information management systems like the Microsoft Sharepoint® system 114, File Systems 116, Web Server 118 or other suitable electronic data subsystems that are capable of policy enforcement and application.

    [0024] Within these policy enforcement subsystems, there may be modules that implement the policies effectively within the subsystems. For example, such modules may provide policy consumption and local contextual processing, which may further comprise contextual policy evaluation, contextual policy enforcement, and contextual policy presentation.

    [0025] As a part of these subsystems, it may be desirable to have a contextual audit data generator. These audit data generators may be in communication with an audit aggregation system 122 and an audit presentation system 124.

    [0026] It should be appreciated that many other architectures are possible for implementing a policy system that may interface with an organization's software suite - e.g., email, file servers, web interfaces and the like. In addition, it may be possible (and maybe desirable) for certain policy modules (for example, the policy authoring and store, and audit functions) to be hosted apart from the organization and supplied otherwise (e.g., server/client relationship, cloud-based services or the like).

    [0027] Once a policy system is implemented or otherwise configured for an organization, such policy systems take on a runtime dynamic. FIG. 2 depicts one embodiment of a runtime dynamic 200, as it might apply to an exemplary email flow policy application. The organization will typically have its email system and/or server 202 prior to the implementation of a policy system that will operate on top of, or otherwise cooperatively with, the email system.

    [0028] The policy system may consume policy content from multiple sources. One such source may be the system itself, in the form of an out-of-box (OOB) set of policy templates that are available as part of the product and may be acquired and installed by a tenant system administrator and/or other suitable users 206. Another source 204 may be Independent Software Vendors (ISVs), product partners and consultants that provide custom policy content for consumption by the target organization and may supply the organization with custom DLP policies. In either case, administrator 206 may perform particular configuration of a DLP policy system, in this case working with the organization's email system. In addition to the installation/creation of the policy, it may be desirable that ongoing policy maintenance and tuning be performed by in-house personnel or by external contractors or vendors, such as the tenant administrator or the ISVs, partners and/or consultants. These may be represented by multiple operations such as 206 and 204.

    [0029] In operation, the policy directives may include operations in contexts that the information workers interact with, such as Outlook 210a or a generic email client 210b, that may result in the active education and/or notification of the policy to the organization's users. The policy directives would determine what content is considered sensitive and define the rules governing its usage/handling within the organization. Both what the sensitive content is and the rules governing its usage can be disseminated to the electronic file systems (via the policy dissemination module of FIG. 1) as well as to the end users, as part of the policy directives, by sending indications and/or notifications of actions taken (or to be taken) by the system (e.g., for an email with patient information, trade secret information or the like) in response to common policy directives being triggered. The policy directive may allow the user to send this information unrestricted, require explicit acknowledgement that the communication contains sensitive information and that the user takes responsibility for its disclosure, or prevent sharing outright.

    [0030] Once received, the email server may process the email according to the same policy definition for policy consideration, compliance and/or processing directly by a DLP evaluation module (or the policy system may be operating apart from the email server in a server/client relationship or the like). Once the email is scanned for sensitive content, additional actions may take place, such as holding the email prior to sending it outside the email server, the organization or the like. Any non-compliance with policy (or periodic reports of generally compliant email traffic) may be sent to an auditor 212 for follow-up. Such follow-up may be to retrain affected employees, or it may detect some error in the dynamic flow and/or operation of the policy system. Any policy processing errors may be referred back to either the system administrator or to the ISV for correction. The mail processing server will verify that the policy was uniformly applied regardless of which client was used as part of the authoring experience. If the policy requires sender acknowledgements, their presence may be enforced, or the mail will be rejected back to the sender.

    [0031] Figure 3 shows the e-mail server processing details of the policy application, e.g. an Exchange server (box 202 in FIG. 2). FIG. 3 depicts one possible embodiment of a system mail processing subsystem 300 as it may interface with a policy system. The e-mail server's policy processing may be performed by an agent that is activated at various stages of mail processing. One such agent could be the Exchange transport rules agent 302, which may employ processing of content analysis predicates 302a in conjunction with a schema for content analysis predicates 318. Transport rules may be stored in 316, and administrators/users may edit content analysis predicates with module 314b via a UI 314.

    [0032] The agent may interface with a message content and attachment text extraction module (referred to herein as "FIPS") 306 and a content analysis module to scan for sensitive content. FIPS may be implemented as a component that performs the content extraction and conversion to text (e.g., of both mail messages and attachments) and may pass the extracted content into the classification engine for analysis of any sensitive content as defined by the policy directives. FIPS may comprise a text extraction engine 306b and communication modules with the text extraction engine and the content analysis engine, 306a and 306c respectively. FIPS may be part of the DLP policy evaluation, e.g., it may be constructed as a sub-component of the DLP policy evaluation module, i.e., the one that does the text extraction which is then fed into the classification engine for analysis for any sensitive information as defined by the DLP policy.

    [0033] The text extraction module may interface (perhaps via a communication protocol 308) with the content analysis/scanning engine/module 310, which may perform the text analysis on the text identified in the e-mail bodies and any attachments. The text analysis engine may identify sensitive content based on the policy information which has been stored in the content rules store 312, such as AD. Such rules may be edited by administrators/users with module 314a via UI 314.

    Single Policy Directive



    [0034] As noted herein, a DLP policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that test emails for sensitive data. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation and enforcement of the policy. For example, a policy directive that identifies sensitive information and allows user override of the policy before sending the sensitive information would, when evaluated in the authoring context, provide the user a notification of the discovered sensitive information and may insist that the user acknowledge sending of the sensitive information. It may be desired that the same policy, when evaluated on the mail server, would test for the presence of the sender's override in the mail metadata or else result in a Non-Delivery Report (NDR).

    [0035] Common policy directives may comprise a set of policy directive primitives and/or definitions that the administrator or other suitable users consider the desired treatment for the implementation of policy across the entire lifecycle of an email or other electronic document. Many such common policy directive definitions and/or primitives are given throughout this application.

    [0036] In other embodiments, the common policy directives could be construed and/or selected as common and/or fundamental and/or primitive to a set of different policies (that the organization may want to apply) and/or a set of different electronic file systems (such as email, web servers, file servers or the like). As merely one example, different regulatory policies may be conceived as having a common set of directives and associated actions that appear common to that set of regulatory policies. The same may be done for organizational policy or for any set of policies, from whatever source. Once the common policy directives are defined, these directives may be disseminated to the organization's electronic servers, as desired by an administrator or other suitable entity. At any time during the lifecycle of an email (authoring, sending or the like), the email system may check to see if any single policy directive has been triggered and, if so, apply any action associated with the directive.

    [0037] In one embodiment, the systems and/or methods may comprise components implementing the steps of scanning and analyzing the email content for what the common policy defines as sensitive information. A single policy definition of what is sensitive content may then be applied uniformly across the message content and any attachments contained within the message. The common policy definition is uniformly applied to content extracted from the different file types that may be represented in attachments.

    [0038] In another embodiment, the systems and/or methods may comprise components implementing the steps of: receiving an email at said email server; sending the email to a DLP system module; the module applying the common DLP policy interpreted in the context of the e-mail server; and, upon detecting sensitive data within the email as defined by the common policy definition, applying the processing directives as specified in the policy. One such policy directive may be to reject mail messages unless the sender has decided to override the policy. Such override may be signaled by the presence of an override header within the email: if no override header is present in the email, an indication of at least one of a set of actions is sent back to the user/author according to the currently enabled processing modes in the DLP policy; if an override header is present in the email, the email is processed further according to the DLP policy. Another policy directive may instruct to educate the users as to the sensitive information detected in the mail. For this policy directive, the email server would skip the directive, as no education directive is available or enforced in the e-mail server. Another policy directive may instruct to reject mail submissions upon the detection of sensitive content, in which case the server would reject the e-mail message.

    [0039] In addition, one embodiment of a system is provided that comprises an email server; a set of email clients in communication with the email server; and a DLP system module, the DLP policy module being capable of enforcing a set of policy rules upon emails authored by users of the email system, wherein the DLP policy module further comprises a set of action modules capable of testing the emails for sensitive data, determining if the emails contain the policy-defined sensitive content, and applying the policy directives within the context of the authoring experience. One such policy directive may be to reject mail messages unless the sender has decided to override the policy. Such override, when evaluated in the authoring context, may result in requiring the user to override the mail policy before sending the mail. The user override action would then be recorded in the email as part of the policy processing data, for example as part of a message header or the MIME message content. If no override is provided by the user, the sender would be prevented from sending the message per the common policy definition. Another policy directive may instruct to educate the users as to the sensitive information detected in the mail. For this policy directive, the authoring context may present information to the user about the detected sensitive content and the applicable policies governing that information without impacting the user's ability to transmit the information. Another policy directive may instruct to reject mail submissions upon the detection of sensitive content. For this policy directive, the authoring context may prevent the user from submitting the message into the mail system.

    [0040] In addition, one embodiment comprises the steps of: delivering an email at said email server to the recipient's mailbox; sending the email to a DLP system module; and the module applying the common DLP policy interpreted in the context of the e-mail mailbox delivery system, the DLP policy module being capable of enforcing a set of policy rules upon the email delivery system; wherein the DLP policy module further comprises a set of action modules, the action modules capable of testing the emails for sensitive data, determining whether the emails contain the policy-defined sensitive content, and applying the policy directives within the context of the delivery system. One such policy directive may be to reject mail messages unless the sender has decided to override the policy. Such an override, when evaluated in the delivery context, may result in requiring that the message carry a header indicating a previous action of the sender to override the mail policy before sending the mail. If no override header is present, the mail would be removed and not delivered to the user. Another policy directive may instruct the system to educate users as to the sensitive information detected in the mail. For this policy directive, the delivery context may apply disclaimer notifications to the mail indicating the presence of the sensitive information and requiring the receiver to acknowledge the presence of this information before accessing the message content. Another policy directive may instruct the system to reject mail submissions upon the detection of sensitive content. For this policy directive, the delivery system would discard any such messages received.

    Email System Embodiment with NotifySender Action



    [0041] FIG. 4 depicts one embodiment of an email system 400 comprising a DLP policy and effecting a NotifySender action as made in accordance with the principles of the present application. NotifySender is an exemplary DLP policy directive. As may be seen, a user may interface with an email client on a laptop, computer and/or terminal 402. In this case, the user may be crafting an email and the email client will apply any applicable policy. The policy will be interpreted in the authoring context for evaluation and application; for example, a Block Override Nudge policy experience will prevent the user from sending a message with identified sensitive content unless the user has explicitly overridden the policy to allow an exception. Such an experience may be based upon the policy definition. The result of the user's actions will be recorded in the message in the header information and/or MAPI properties of the message, indicating the user's policy action, if any. In one embodiment, a Block Override may be effected as a policy directive that will block sending of the mail unless the user has explicitly overridden the policy action and acknowledged the disclosure of the sensitive information identified by the policy. It will be appreciated that Block Override is just one example of a policy directive; another example is the Notification and Blocking directive described earlier.

    [0042] In this example, because the user overrides the policy action, and the policy directive allows the sender to override the policy, the user's email is modified to also include metadata describing the user's actions (MAPI properties and mail header information). This email is ultimately received by the email server 404, and the server 404 may have the email evaluated and processed by several processes. The server processes ensure the policy is being applied consistently and uniformly. This includes the server evaluating the policy directives, which may require a re-scan of the content, and, if any sensitive content is discovered matching the policy directive, verifying that the policy directive has been applied per its definition and applying further processing. For policy directives that require a user action at a previous stage of the mail processing lifecycle (such as authoring), the server validates that the mail contains the expected user operations recorded in it. In one embodiment, the email, its contents and its attachments are sent forward to FIPS processing and its associated data classification result, per the policy directive. If the policy-defined IW/sender actions have not been applied, the policy results in the email being rejected by the mail server.

    [0043] The email (and optionally, the results from FIPS processing) may be sent forward from the email server to a DLP Policy Evaluation. Alternatively, the DLP Policy Evaluation and/or the FIPS processing may reside at the email server, and processing may be performed locally.

    [0044] In one embodiment, once the email is sent to the DLP Policy Evaluation module, the email and any of its associated data may be examined for the inclusion of any sensitive data within the data and/or metadata associated with the email. If such sensitive data is detected, then the email system may take a number of actions, depending on what is defined in the DLP policy directives.

    [0045] As one example (and as may be seen as part of the DLP Policy Evaluation in FIG. 4), the email and associated data/metadata may be sent to one processing module, e.g., NotifySender Action 408. As shown in FIG. 4, NotifySender may inquire (at 408a) whether there is an override header present in the email. If not, the system may generate an NDR at 408b and, optionally, include additional instructions to the sender in the NDR telling them how to override the original mail and re-send the email. Such an email may be sent at 408c. Alternatively, if the DLP policy directive required an override and such an override was present, then the DLP policy directive is satisfied at 408d and further policy directives will be evaluated and applied. The system will continue to process the email in accordance with the DLP policy directives that are applicable to this mail. Per other DLP policy directives, the system may also log the IW's override and include such override in a DLP mail report that would be sent to the auditor mailbox. It will be appreciated that the NotifySender action is one of many possible policy directives that the DLP policy may effect and/or enable. Such different modules may be enabled at different times for different purposes, according to rules set by the administrator, other users or entities.

    [0046] In another embodiment, an email system having a DLP policy module may further comprise a single policy enforcement module. Such a single policy enforcement module may be able to propagate, share or otherwise make available any information regarding actions taken for enforcement of policy directives and/or rules and make such information available to other electronic file systems and any associated policy modules.

    NotifySender



    [0047] As noted, the NotifySender action may be employed to configure a DLP policy directive that is evaluated in the email client policy enforcement point (Outlook) and is also enforced by the mail server policy enforcement point. In one embodiment, the NotifySender action may augment email system configurations that employ other mechanisms, e.g., policy nudge rules (PNRs). This action maps to the policy nudge, block nudge and block override nudge client experiences. The action may return a Non-Delivery Report (NDR) for the message depending on the configuration and the action taken by the sender.

    [0048] The following table describes in greater detail the "NotifySender Action":
    Action Name: NotifySender
    Action Parameters: One of the following enum values:
      {NotifyOnly, RejectMessage, RejectUnlessFalsePositiveOverride, RejectUnlessSilentOverride, RejectUnlessExplicitOverride}
    Description: Defines a DLP policy directive that is evaluated both on the server and in the Outlook client policy enforcement points. On the Outlook client, it controls the policy nudge, block nudge and block override nudge policy configurations. Depending on the sub-option, it may represent a policy action only on the client or also processing on the server.
    Example:
      new-transportRule "pci-dss" -sentToScope NotInOrganization -MessageContainsDataClassification @{Name="Social Security Number"} -GenerateIncidentReport dlpincidents@acme.org -ReportSeverityLevel High -NotifySender RejectUnlessExplicitOverride -RejectMessageReasonText "Mail flow policy prevented delivery of this mail based on detected sensitive content"

    Additional Embodiments of NotifySender



    [0049] The following comprise additional modes of processing for NotifySender actions:
    (1) NotifyOnly - This may embody "client-only" behavior. It may be substantially equivalent to the "policy nudge" client experience and has no appreciable impact on mail flow aside from educating the user about the presence of the sensitive information as defined by the policy.
    (2) RejectMessage - This may be substantially equivalent to the "block policy nudge" client experience. In this embodiment, the server may NDR the message. In addition, false positive submissions from the client may result in an NDR as well.
    (3) RejectUnlessFalsePositiveOverride - The client may indicate that sensitive content was detected and allow the sender to override as a false positive (as seen in FIG. 4). In addition, a transport rule agent may NDR the message unless a false positive header is present.
    (4) RejectUnlessSilentOverride - An NDR may be sent unless the sender has indicated an override header (false positive or other). The client indicates that sensitive content has been detected and allows the sender to override because of a false positive or other reason.
    (5) RejectUnlessExplicitOverride - An NDR may be sent unless the sender has indicated an override header (false positive or other); the server behavior is the same as RejectUnlessSilentOverride. The client indicates that sensitive content has been detected and allows the sender to override because of a false positive or other reason, and the sender may enter a justification.


    [0050] Two other policy directives - RejectMessageReasonText and RejectEnhancedStatusCode - may be combined with this action to customize the NDR behavior. These directives apply to any condition for which the action results in an NDR. When specified with NotifyOnly, a warning should be emitted that the option will not be used in server processing, since NotifyOnly implies client-only processing.

    Incident Reporting and Auditing



    [0051] In some embodiments, the system may generate reports of detected sensitive information and the resulting actions carried out on the email per the definitions in the policy directive. The GenerateIncidentReport policy directive will generate the incident report even if the evaluation of the policy directive results in the message's NDR. The report may include client-supplied content, including the following possible additional details in the incident report: (1) whether a sender override was specified; (2) any business justification text submitted by the sender (if any); and/or (3) whether the sender marked the mail as a false positive.

    [0052] In addition to incident reporting, the policy system includes an audit directive. The auditing module may report to the system, administrator or other authorized entities the DLP policy directives applied to the mail content. The auditing module may send a compilation of the data contained in the incident reports, possibly covering a specified period of time. In one embodiment, policy directive auditing may be implemented and may result in the inclusion of client-supplied content indicating: (1) whether a sender override was specified; (2) any business justification text submitted by the sender (if any); and/or (3) whether the sender marked the mail as a false positive.
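    The following is an added example, not code from the patent or from any Exchange implementation: a Python model of the server-side enforcement point applying the NotifySender modes of [0049], the NDR customization of [0050] and the incident report fields of [0051] to a message that carries (or lacks) the sender action recorded by the client, as in the FIG. 4 flow of [0045]. The header names, the default enhanced status code and the Social Security Number pattern are assumptions constructed for the example.

```python
import re
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

# Assumed header names (constructed for this example): the patent only says the
# client records the sender's action in message headers and/or MAPI properties.
H_OVERRIDE = "X-DLP-Override"            # value "FalsePositive" or "Override"
H_JUSTIFICATION = "X-DLP-Justification"  # free text entered for an explicit override

# Constructed classification rule standing in for the "Social Security Number"
# data classification used in the pci-dss example rule.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


class NotifySender(Enum):
    NotifyOnly = "NotifyOnly"
    RejectMessage = "RejectMessage"
    RejectUnlessFalsePositiveOverride = "RejectUnlessFalsePositiveOverride"
    RejectUnlessSilentOverride = "RejectUnlessSilentOverride"
    RejectUnlessExplicitOverride = "RejectUnlessExplicitOverride"


@dataclass
class Rule:
    name: str
    notify_sender: NotifySender
    reject_reason_text: Optional[str] = None       # RejectMessageReasonText
    reject_status_code: str = "5.7.1"              # RejectEnhancedStatusCode (assumed default)
    incident_report_to: Optional[str] = None       # GenerateIncidentReport mailbox


@dataclass
class Message:
    sender: str
    body: str
    headers: dict = field(default_factory=dict)


@dataclass
class Outcome:
    action: str                                    # "accept" or "ndr"
    ndr: Optional[dict] = None
    incident_report: Optional[dict] = None
    warnings: list = field(default_factory=list)


def sender_override(msg: Message) -> Optional[str]:
    """Sender action recorded by the client: 'FalsePositive', 'Override' or None."""
    value = msg.headers.get(H_OVERRIDE)
    return value if value in ("FalsePositive", "Override") else None


def directive_satisfied(mode: NotifySender, override: Optional[str]) -> bool:
    """Server-side decision table for the five NotifySender modes."""
    if mode is NotifySender.NotifyOnly:
        return True                     # client-only: no impact on mail flow
    if mode is NotifySender.RejectMessage:
        return False                    # NDR even when the client flagged a false positive
    if mode is NotifySender.RejectUnlessFalsePositiveOverride:
        return override == "FalsePositive"
    return override is not None         # Silent and Explicit: any override header satisfies


def evaluate(rule: Rule, msg: Message) -> Outcome:
    """Apply one transport rule to one message as the server enforcement point."""
    out = Outcome(action="accept")
    if rule.notify_sender is NotifySender.NotifyOnly and rule.reject_reason_text:
        out.warnings.append("RejectMessageReasonText is ignored: NotifyOnly is client-only")
    if not SSN_RE.search(msg.body):
        return out                      # rule not triggered: no NDR, no incident report
    override = sender_override(msg)
    if not directive_satisfied(rule.notify_sender, override):
        out.action = "ndr"
        out.ndr = {
            "to": msg.sender,
            "status": rule.reject_status_code,
            "reason": rule.reject_reason_text or "Message rejected by DLP policy",
            # optional instructions to the sender (408b in FIG. 4)
            "hint": "Override the policy in the client and re-send" if override is None else None,
        }
    # GenerateIncidentReport fires even when the directive results in an NDR.
    if rule.incident_report_to:
        out.incident_report = {
            "to": rule.incident_report_to,
            "rule": rule.name,
            "sender": msg.sender,
            "server_action": out.action,
            "sender_override": override is not None,
            "false_positive": override == "FalsePositive",
            "justification": msg.headers.get(H_JUSTIFICATION),
        }
    return out
```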

    [0053] What has been described above includes examples of the subject innovation. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the claimed subject matter, but one of ordinary skill in the art may recognize that many further combinations and permutations of the subject innovation are possible.

    [0054] In particular and in regard to the various functions performed by the above described components, devices, circuits, systems and the like, the terms (including a reference to a "means") used to describe such components are intended to correspond, unless otherwise indicated, to any component which performs the specified function of the described component (e.g., a functional equivalent), even though not structurally equivalent to the disclosed structure, which performs the function in the herein illustrated exemplary aspects of the claimed subject matter. In this regard, it will also be recognized that the innovation includes a system as well as a computer-readable medium having computer-executable instructions for performing the acts and/or events of the various methods of the claimed subject matter.

    [0055] In addition, while a particular feature of the subject innovation may have been disclosed with respect to only one of several implementations, such feature may be combined with one or more other features of the other implementations as may be desired and advantageous for any given or particular application. Furthermore, to the extent that the terms "includes," and "including" and variants thereof are used in either the detailed description or the claims, these terms are intended to be inclusive in a manner similar to the term "comprising."


    Claims

    1. A method for providing a data loss prevention, DLP, policy on an email system on a single policy directive basis for sharing a set of single policy definition in multiple policy enforcement points with an appropriate action for each of the plurality of policy enforcement points, said email system comprising said multiple of policy enforcement points comprising an email server (110) and a set of email clients (112), said email clients in communication with said email server, said DLP policy comprising a set of modules, the steps of said method comprising:

    defining the set of single policy definitions, said single policy definition comprising a generic policy directive and an associate action;

    disseminating said set of single policy definitions to the multiple of policy enforcement points, wherein each of the multiple of policy enforcement points comprises a translation/mapping system (108) which understands the generic policy directive and transforms the generic policy directive to a directive in a contextually understood format by the respective policy enforcement point;

    processing an email with said email system, said email authored by a user, wherein each of the policy enforcement points is adapted to evaluate the single policy definition and to apply the directives in a manner consistent with a contextual evaluation and enforcement of the single policy; and

    if one of the single policy directives is triggered, applying an action associated with said single policy action.


     
    2. The method of Claim 1 wherein the step of defining a set of single policy definitions further comprises:

    defining a set of policies to be applied to said email system; and

    selecting a set of common directive and associated actions from said set of policies.


     
    3. The method of Claim 1 wherein said step of disseminating said set of single policy definitions further comprises:
    disseminating said set of single policy definitions to said policy enforcement points of said email system via a policy dissemination module.
     
    4. The method of Claim 1 wherein said step of disseminating said set of single policy definitions further comprises:
    sending to users an indication of actions by said email system in response to directives being triggered.
     
    5. The method of Claim 1 wherein said step of processing an email with said email system, said email authored by a user further comprises:
    sending the email to a DLP policy evaluation module.
     
    6. An email system for effecting a data loss prevention, DLP, policy and for sharing a set of single policy definition in multiple policy enforcement points with an appropriate action for each of the plurality of policy enforcement points, said email system comprising: multiple policy enforcement points, comprising:

    an email server (110); and

    a set of email clients (112), said email clients in communication with said email server;
    means for disseminating said set of single policy definitions to the multiple of policy enforcement points;
    means for enforcing the set of policy rules upon emails authored by users of said email system; and
    wherein said single policy definitions comprising a generic policy directive and an associate action, wherein each of the policy enforcement points comprises a translation/mapping system (108) which understands the generic policy directive and transforms the generic policy directive to a directive in a contextually understood format by the respective policy enforcement point, and wherein each of the policy enforcement points is adapted to evaluate the single policy definition and to apply the directives in a manner consistent with a contextual evaluation and enforcement of the single policy, and further comprising:
    means capable of testing said emails for sensitive data as defined in a directive and capable of taking the associated action.


     
    7. The system of Claim 6 wherein said system further comprises:
    a single policy enforcement module, said single policy enforcement module capable of making available information regarding actions taken for said email system to other electronic file systems and their associated policy modules.
     
    8. The system of Claim 6, further comprising a DLP policy module, wherein said DLP policy module comprises:
    an incident reporting module, said incident reporting module capable of reporting the triggering of single policy definitions.
     
    9. The system of Claim 6, further comprising a DLP policy module, wherein said DLP policy module comprises:
    an auditing module, said auditing module providing performance data of said DLP policy module over a specified period of time.
     
    10. One or more computer-readable storage media comprising executable instructions by a processor, and said processor executing said instructions is capable of performing a method for sharing a set of single policy definition in multiple policy enforcement points with an appropriate action for each of the plurality of policy enforcement points, wherein said enforcement points comprise an email server (110) and a set of email clients (112), wherein said email clients are in communication with said email server, the method comprising:

    disseminating said set of single policy definitions to the multiple policy enforcement points, said single policy definition comprising a generic policy directive and an associate action, wherein each of the multiple of policy enforcement points comprises a translation/mapping system (108) which understands the generic policy directive and transforms the generic policy directive to a directive in a contextually understood format by the respective policy enforcement point;

    processing an email, said email authored by a user, wherein each of the policy enforcement points is adapted to evaluate the single policy definition and to apply the directives in a manner consistent with a contextual evaluation and enforcement of the single policy; and

    if one of the single policy directives is triggered, applying an action associated with said single policy action.


     



    le traitement d'un message électronique, ledit message électronique étant rédigé par un utilisateur, chacun des points d'application de politique étant conçu pour évaluer la définition de politique unique et pour appliquer les directives de manière cohérente avec une évaluation contextuelle et l'application de la politique unique, et

    l'application d'une action associée à ladite action unique de politique si l'une des directives de politique unique est déclenchée.
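    The arrangement of claims 6 and 10 (one policy definition distributed to a mail server and a set of mail clients, each holding a translation or mapping system that turns the generic directive and action into one expressed in its own terms) together with the incident reporting and audit modules of claims 8 and 9 can be illustrated in code. The following is an added example, not code from the patent or from the proprietor; the policy format, the policy id, the enforcement-point names, the action mapping tables, the credit-card detector and the sample messages are all constructed for illustration.

```python
# Added example (not the patent's code): one DLP policy definition shared by
# two hypothetical enforcement points, an authoring client and a transport
# server, each translating the generic action into its own contextual action.
import re
from dataclasses import dataclass
from typing import Dict, List, Tuple

# The single policy definition: a generic directive plus an associated action.
# The format and the policy id are constructed for this example.
POLICY = {
    "id": "PCI-01",
    "directive": {"sensitive_type": "credit_card", "min_count": 1},
    "action": "block",
}

# Runs of 13-16 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn check-digit test; filters out random digit runs such as order numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2  # digit sum of the doubled value
        total += d
    return total % 10 == 0


def find_credit_cards(text: str) -> List[str]:
    """Return the Luhn-valid card numbers found in text (separators stripped)."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 16 and luhn_ok(digits):
            hits.append(digits)
    return hits


# Detectors keyed by the generic "sensitive_type" named in a directive.
DETECTORS = {"credit_card": find_credit_cards}


@dataclass
class Incident:
    policy_id: str
    enforcement_point: str
    contextual_action: str
    match_count: int


class EnforcementPoint:
    """Holds the shared policy and a mapping table (the 'translation or mapping
    system' of the claims) from the generic action to one in its own terms."""
    name = "generic"
    action_map: Dict[str, str] = {}

    def __init__(self, policy: dict, incidents: List[Incident], audit: Dict[str, Dict[str, int]]):
        self.policy = policy
        self.incidents = incidents  # shared incident-reporting sink
        self.counters = audit.setdefault(self.name, {"evaluated": 0, "triggered": 0})

    def translate(self, generic_action: str) -> str:
        return self.action_map[generic_action]

    def evaluate(self, message: Dict[str, str]) -> str:
        directive = self.policy["directive"]
        detector = DETECTORS[directive["sensitive_type"]]
        matches = detector(message["subject"] + "\n" + message["body"])
        self.counters["evaluated"] += 1
        if len(matches) >= directive["min_count"]:
            action = self.translate(self.policy["action"])
            self.counters["triggered"] += 1
            self.incidents.append(Incident(self.policy["id"], self.name, action, len(matches)))
            return action
        return self.translate("allow")


class AuthoringClient(EnforcementPoint):
    name = "client"
    action_map = {"block": "show_policy_tip_and_disable_send", "allow": "send"}


class TransportServer(EnforcementPoint):
    name = "server"
    action_map = {"block": "reject_with_non_delivery_report", "allow": "deliver"}


def run_policy(message: Dict[str, str]) -> Tuple[Dict[str, str], List[Incident], Dict[str, Dict[str, int]]]:
    """Distribute POLICY to both points and evaluate one message at each.
    Returns per-point contextual actions, the incident log and audit counters."""
    incidents: List[Incident] = []
    audit: Dict[str, Dict[str, int]] = {}
    points = [AuthoringClient(POLICY, incidents, audit), TransportServer(POLICY, incidents, audit)]
    actions = {p.name: p.evaluate(message) for p in points}
    return actions, incidents, audit


# Constructed sample messages; the second carries a digit run that fails Luhn.
LEAKY_MESSAGE = {"subject": "Card details", "body": "Please charge 4111 1111 1111 1111, thanks."}
CLEAN_MESSAGE = {"subject": "Order 1234 5678 9012 3456", "body": "Shipped today."}

if __name__ == "__main__":
    for msg in (LEAKY_MESSAGE, CLEAN_MESSAGE):
        actions, incidents, audit = run_policy(msg)
        print(actions, [i.contextual_action for i in incidents], audit)
```

    The point of the design is that the policy itself never names a client- or server-specific action: both points evaluate the same `POLICY`, and only `action_map` differs, so a change to the generic action propagates consistently to every point. The Luhn filter is what keeps an order number from triggering the same policy as a real card number.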


     




    Drawing
    Cited references

    REFERENCES CITED IN THE DESCRIPTION



    This list of references cited by the applicant is for the reader's convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

    Patent documents cited in the description