Remove sensitive content
The Remove sensitive content action in CodeTwo Exchange Rules Pro is used to automatically filter confidential data and sensitive content in messages, using the phrases defined within the program's dictionary.
Each phrase used in the dictionary has its own score. On the other hand, each dictionary (collection of phrases) has a required cumulative score. Once the action is configured, the program searches for selected phrases in the content of a message and then compares the score of all found phrases with the required cumulative score of a corresponding dictionary. Finally, if the cumulative score is reached then the action is triggered.
The diagram below (Fig. 1.) shows how the Remove sensitive content action is processed by the program:
|Fig. 1. The diagram showing how the Remove Sensitive Content action is processed by the program.|
If the action is triggered the program will remove, mask or replace the sensitive content in messages that meet the criteria defined in Conditions.
Example of usage
This action may be used by the companies that are aware of the danger associated with letting users access corporate emails without any restrictions. As some messages may contain confidential data, it is practically impossible to supervise all mail in the company manually. With CodeTwo Exchange Rules Pro you can define the Remove sensitive content action that will delete the unwanted content automatically from the messages that travel through Exchange if they meet the defined criteria.
How to configure this action
To activate the action, click Add on the Actions tab and select Remove sensitive content (Fig. 2.).
|Fig. 2. Choosing the Remove Sensitive content action from the Actions tab.|
A new action will appear on the List of actions while the right pane will show the action's properties (Fig. 3.).
|Fig. 3. Properties of the Remove sensitive content action.|
The first thing you need to do is specify how the action should process the sensitive content once it is found within a message (Fig. 4.). The choice is between:
- removing the content - when a sensitive phrase is found it will be removed from the message content,
- masking the content - when a sensitive phrase is found it will be masked with **** in the place of letters,
- replacing the content - when a sensitive phrase is found it will be replaced with another chosen phrase.
|Fig. 4. Available actions which can be applied to sensitive content.|
The second important aspect is definition of phrases that will be searched by the program within the content of messages. The phrases can be selected on the properties pane that holds the available categories (dictionaries). You can either select an existing category or create a new one (as described further in this article). Select a category (dictionary) of your choice by checking the box next to it. If necessary, set the required cumulative score for a given dictionary (Fig. 5.).
|Fig. 5. Changing the cumulative score of a dictionary (category).|
If the score of all phrases found within a message reaches the required cumulative score of the associated dictionary, CodeTwo Exchange Rules Pro will apply the Remove sensitive content action on this message. Note that the predefined phrases in particular categories have their score set by default. If you are adding a new phrase, you need to set its score manually. Either way, you may adjust each score at any time according to your needs.
Note that when a particular phrase appears more than one time within a message, it will be counted only once while summing up the score of phrases and comparing it with the corresponding cumulative score of the dictionary.
There are four (exceptions apply*) types of phrases that can be searched by the program when it processes messages:
- Exact phrase - the program searches for the exact match of a chosen phrase, e.g. "test". If a message contains the defined phrase then the program applies the action. If there is no match (e.g. the message contains only the word "tester") the program simply ignores the message and no action is taken. The search operation is case-insensitive.
- Wildcard - the program searches for the phrase that matches or contains a selected phrase, e.g. "test*". If the message contains the word "test" or any other word containing the phrase (e.g. "tester"), the rule is applied and consequently the action is triggered. Note that wildcards (*) may be used only at the beginning or at the end of a selected phrase, e.g. *test, test*. The search is case-insensitive.
- Regular expression - it defines a sequence of characters or phrases that form a search pattern. The search operation is case-insensitive. CodeTwo Exchange Rules Pro supports the standard Microsoft's .NET Framework types of regular expressions. Learn more about regular expressions
- Algorithm - this type of sensitive content is based on the Luhn algorithm and can be used to make the program search for properly entered credit card numbers within the body of messages. Furthermore, it can be used for credit card numbers only and managed in the Credit Card dictionary (Fig. 6.). Currently, the program can recognize the credit card numbers issued by the following providers:
- American Express
- Diners Club
The algorithm type of sensitive content will only be recognized when a credit card number inside a message is entered correctly (compatible with the pattern defined by the credit card provider) and is preceded and followed by a white space or any other character different than a number, a letter or a plus (+) sign.
A correct credit card number which is entered in the message body but is preceded, followed or both preceded and followed by letters, numbers or plus signs will not be recognized as a correct credit card number. Only the following separators are accepted: dots (.), dashes (-) and white space (except for the end of line characters). If any other characters are found within the credit card number, it is not considered as a valid occurrence.
|Fig. 6. Using the credit card number algorithm.|
Please note that in specific situations some strings of numbers may be recognized as proper credit card numbers even though they are not. Such situations may take place when a message contains e.g. personal name records (PNR) from a database of a computer reservation system (CRS) or technical parameters of devices.
|Fig. 7. Opening categories / dictionary editor.|
The window that opens shows the predefined categories containing sensitive content. By selecting a dictionary (category) from the list on the left, you can modify it: add (Fig. 8.), delete or edit its phrases (Fig. 9.).
|Fig. 8. Adding a new phrase to a chosen category.|
|Fig. 9. Editing a phrase from the chosen category.|
|Fig. 10. Creating a new category.|
After you finish defining the phrases in a dictionary, confirm the changes by clicking OK. Once you click the Submit changes button on the ribbon of the Administration Panel, CodeTwo Exchange Rules Pro will perform the defined action on the sensitive phrases from all messages that meet the criteria defined in Conditions.