Archive for ‘Content Aware Technology’

Classification and Organisational Risk

Wednesday, April 13th, 2016


It is a long held view by data classification advocates that the best people to classify data are the end users. After all, they’re the ones who know the content and understand how the data is to be used, right? Yet, some data breaches still happen because users are simply not aware of how sensitive the data truly is, or they don’t fully understand the consequences that disclosure of the data may have to the organisation.

One of the top reasons that customers purchase TITUS Classification Suite is to provide a tool to reinforce their data security education and awareness programs. The user-driven classification approach can be effective as long as your users understand the meaning of the classification labels they are assigning, as well as the definition of sensitive information in the context of your business. (more…)



Preventing a $25M Email Leak – UBS and RBS Examples

Friday, May 20th, 2011

With all the buzz around the Linked In IPO this week, financial services agencies are finding that data loss prevention is taking on a new urgency.  Financial data leaks are getting increasing press coverage and costing institutions significantly with fines, lost business, damage to reputation and regulatory sanctions.  The LinkedIn IPOs were underwritten by Morgan Stanley, JPMorgan Chase  and Bank of America and by all accounts was a huge success and went off without a hitch.



Ten Steps to Help Comply with State Breach Notification Legislation

Monday, April 11th, 2011

California was the first to enact Breach Notification legislation (SB 1386) back in 2003. Since then, most states (list of States and legislation included below) have passed some type of breach notification legislation that requires disclosure to consumers when personal information is compromised. In general, most state laws follow the basic tenets of California’s original law: companies must immediately disclose a data breach to customers, usually in writing. Some of the legislation varies, but most contain:




The importance of timely email content validation feedback

Friday, January 14th, 2011

Although it may seem like an easy task to select classifications on outgoing messages, email can be one of the most difficult types of corporate information content to classify and control in a practical way. Every organization has different internal information flows, and the timeliness of email messages in some workflows can be critical.

So, while automated Email filtering – or content validation – is becoming a staple of corporate networks, the basic architecture of the solution can have a significant impact on the efficiency of workflows and staff productivity. This article will highlight one of the challenges with applying content validation on email messages within an organization, and explain how Titus Message Classification can help ensure timely processing and feedback to users so they can get their jobs done more efficiently. (more…)



Simple, Low Cost Ways to Reduce Your ITAR and EAR Risk

Thursday, November 25th, 2010

In my previous blog entry, I talked about how export compliance is similar to airport security: when you involve users up front, you can dramatically lower the cost and increase the effectiveness of your program.

In this post, I will discuss specific technologies that make users a key part of an organization’s export control program. In particular, I’ll show how Titus security and compliance solutions provide a low cost, high impact method of reducing your ITAR and EAR risk.

As I wrote in my last entry, there are two main methods for involving users in an export compliance program: 1) Educate users up front; 2) Allow users to identify sensitive content. (more…)



Enhancing Inbound and Outbound Email Security – Integrating Titus Message Classification and Proofpoint

Friday, November 12th, 2010

Love it or hate it, email continues to be one of the primary methods for sharing information between employees, clients, partners and other organizations.

On average, corporate users will send 34 emails per day and receive almost 100. If you’re like me, you use email as your primary way to send all of your daily communications. My emails and likely yours, include all types of information, from very sensitive contractual and product information, to resumes and other personal and private information.

Although email is one of the best ways to communicate information, organizations must also ensure that information assets are managed and protected appropriately and that sensitive information is not used or distributed in inappropriate ways. Once it’s left your corporate network, messages can easily be forwarded to other individuals who may not be aware of the security of the information. This poses both security risks and liabilities to the organization if the information isn’t handled appropriately.

Thankfully there are ways to better protect incoming or outgoing information. One great solution is using the Proofpoint Email Security solution together with Titus Message and Document Classification applications.

Here’s how it works.

Proofpoint Email Security solutions scan email and attachments for spam and viruses. They can also scan incoming and outgoing email for key words. As the administrator, you can specify the words, phrases or information that you’d like to use in the scan. If the appliance finds a key word within a message or attached document, you can then also specify how the email should be treated. As an example, messages classified “Confidential” by Titus Message Classification, could be picked up at the Proofpoint email gateway and prevented from passing through the gateway.

There are endless ways of treating the information at the Proofpoint gateway. Options include: encrypting the message; quarantining it for review; or refusal to pass it through. With the persistence of the classification information applied by the Titus Message Classification solution, sensitive and confidential emails can be picked up at the email gateway and treated appropriately even after it’s left your network.

For incoming emails, key phrases can be used to determine the sensitivity of the information passing through the gateway. Based on the key words or phrases found at the Proofpoint gateway, the message can be given a Titus Message Classification which will be present when it’s received by the intended recipient. The message will then retain the classification as it’s replied to or forwarded to others.

If you’re interested we have provided more detail in a whitepaper on how to integrate Titus products and Proofpoint. As always, your feedback is welcome in the comments.



Outlook 2010 Security Changes You Should Know About

Wednesday, October 13th, 2010

While many of the features in Outlook 2010 are not security related, we’ll discuss an important new enhancement in the area of Information Rights Management (IRM) used to control how messages may be shared, as well as the removal of the Message Security feature.