Policy Enforcement

Organizations can use classification labels to enforce policy before the email even leaves the desktop. This helps to prevent inadvertent disclosure of sensitive information, and gives the user instant policy feedback through pop-up warnings. These policy checks include:

  • Content Validation: Scans email and attached documents after the user clicks Send, and highlights potential problems so that users can change the message content, redact parts of the content, or change the classification before the email leaves the desktop.
  • Trusted domains: Ensures that recipients are in approved email domains for the selected classification. This feature is typically used to prevent users from sending internal email to external recipients, or to block users from sending email to particular country domains.
  • Safe recipients: Prevents email from being sent to unauthorized internal recipients. For example, an email that is labeled "HR only" can be restricted only to those employees who are in the HR group.
  • Attachment checking: Checks the classification metadata and filenames of attached documents to ensure that the email classification is at the same level or higher. This prevents confidential documents and embedded email from being accidentally sent out with lower email classifications, such as "Public". Policy checks can also be applied based on file size, number of attachments, file types, or attachment metadata such as author or title.
  • No downgrade/no change: Prevents users from changing or downgrading classifications when they reply to or forward an email. For example, a "Confidential" email cannot be changed to “Public” to bypass a trusted domains check.
  • Maximum recipients: Warns users when they have selected a high number of recipients for the selected classification. This helps to prevent accidental disclosure of sensitive information to large distribution lists, including email sent with the Reply All option in Outlook.
  • Warn on send: Forces the user to acknowledge the organization’s classification policy before sending an email, and records the user’s response for potential use in auditing.

Policies are completely configurable by the administrator who can:

  • Apply policies to specific classification labels.
  • Customize the text on pop-up warnings.
  • Configure user permissions to override the policy warnings.
  • Force users to provide a reason for overriding a policy warning.

Content Validation policy warns users when message content is not appropriate for the selected classification

Content Validation policy warns users when message content is not appropriate for the selected classification

Trusted domains policy ensures recipients are in an approved email domain

Trusted domains policy ensures recipients are in an approved email domain

Safe recipients policy ensures internal recipients are authorized to receive the email

Safe recipients policy ensures internal recipients are authorized to receive the email

Attachment checking policy warns users when attaching sensitive documents to email

Attachment checking policy warns users when attaching sensitive documents to email

Book Live Demo
Free Trial
Top Resources

"The very nature of the information handled by our agency is sensitive. With the TITUS solution, we have confidence that information is being protectively marked and that it is staying within our organization when it travels via email."
— Mitch Levy, Assistant Secretary, DHS