Solved

Prevent specific users from attaching / sending files

Posted on 2007-11-25
13
270 Views
Last Modified: 2013-12-04
After a bit of research I have not been able to find a good answer to this question. I will accept recommendations to third party solutions as an answer if they work.

We are worried that a certain employee is going to send company data, excel, word etc. to a recently terminated employee. We have taken the steps of letting all employees know that sending privileged and private company information is a criminal offense which we will seek both criminal and civil remedy for.

We are thinking of implementing Spector Pro on the employees desktop for audit purposes. What we need is a mechanism to prevent the data leakage.

Does anyone know of a way to prevent a user or users (policy or group based) that will prevent specific attachments from being sent (either generically or to specified recipients or domains)?

Thanks in  advance.
0
Comment
Question by:ajulianolmv
  • 6
  • 5
  • 2
13 Comments
 
LVL 3

Accepted Solution

by:
Tom-J-Lael earned 500 total points
ID: 20347131
Are you running any third party Exchange level anti-virus?
I know that my Trend MIcro CSM SBM 3.6 lets me block attachments.
0
 

Author Comment

by:ajulianolmv
ID: 20347147
We are running TM also. I just logged into my system to see if I can find the settings you ar espeaking about
0
 
LVL 3

Expert Comment

by:Tom-J-Lael
ID: 20347150
0
 
LVL 3

Expert Comment

by:Tom-J-Lael
ID: 20347152
Ajulianolmv, do you use the Client/Server/Messaging suite?
0
 

Author Comment

by:ajulianolmv
ID: 20347163
Hate to say this but I am not sure.

I am new to the product. I have set up its spam filters.
0
 
LVL 3

Expert Comment

by:Tom-J-Lael
ID: 20347174
well. there should be an "about" section somewhere in your product that will tell you what you're running. If you're not running C/S/M (which is the security suite) then you're likely running just the Scan Mail product.

let me know what you find
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 

Author Comment

by:ajulianolmv
ID: 20347179
I am running CSM for smb 3.6
0
 

Author Comment

by:ajulianolmv
ID: 20347198
I am in the config screen at attachment blocking. It is not specific but seems that this relates to inbound attachments. Am I wrong?
0
 
LVL 3

Expert Comment

by:Tom-J-Lael
ID: 20347215
I do believe this will apply for both inbound and outbound simultaneously. I would enable a filter and quickly test it by sending yourself an email, with the specific attachment, to an outside email address.

I do think that TM's Scanmail product is more robust and may be able to do just the outbound scanning.
0
 

Author Comment

by:ajulianolmv
ID: 20347229
I will check out thier scanmail product. One of the requirements is that it be entitlement based. There are only certian users we want to block. I will let you know what I find out
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20347364
How intelligent is the user?
If they can read the data then it can be taken away from your site. There is nothing you can to prevent that. Are you blocking access to all external email services? Not just Hotmail, Gmail, Yahoo mail, but every ISP's email interface? If not, then the data can escape. If the user wants something out badly enough, then it will escape.

Or is this just a trap? If it is a trap, then simply get the lawyers to send a letter telling him what you know or fire the guy anyway.

Simon.
0
 

Author Comment

by:ajulianolmv
ID: 20363340
Simon -

Have you investigated any encryption solutions that could work across the board?  

EFS could be good, except that it automatically unencrypts the file for the user to access - inherently making it a risk.

What I'd ideally like to do is to encrypt a specific file on a server and have the certificate only be accessible under specific programs.

I.e a word file that's encrypted until opened via my domain credentials? (and the attached cert) but that can only be decrypted by MS Word (so not by IE or FF or any other program really).

This way users can still send files via whatever protocol necessary, they'll just be sent in encrypted format and hence unreadable on the other side (or not even accessible to be attached a la EFS).

I'll likely repost this in another forum, but was curious if you had thoughts?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20364537
Never done anything like that. You will need to post elsewhere to get assistance with that.

Simon.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now