Educating users about data loss prevention (DLP) is mostly a time-consuming and, frequently, disheartening experience, so why not make them part of the process instead? That is what Titus Aware (TA) for Microsoft Outlook aims to do by blocking emails that are unacceptable for business use and getting the sender to alter them so that they comply.
TA checks email on the desktop, so there are no network overheads, as anything that does not conform to your policies cannot be sent. This also means TA works with virtually any mail server, including Microsoft Exchange, and there aren't any requirements for management of hardware/software components.
TA requires a small MSI package to be deployed to every user, and this supports all versions of Outlook from 2003 onwards. We loaded this manually on our Windows 7 Outlook 2007 test clients, but for large user bases it can be deployed using Group Policy or a third-party software deployment tool.
The only other change required is a registry entry that points the client to the location of the policy enforcement files. This can also be configured using the same methods as for the MSI file and lets you keep all policy files in a central location. Security policies are managed using the TA Administration Tool. For every policy, it uses a proprietary file that contains global settings to govern the TA client and links to sets of associated XML content validation files. Each file contains information on one specific area of content validation. The range of controls is extensive, as these files can contain lists of permitted external mail domains and countries, restricted domains, attachment controls and mail content checks.
For attachments, TA can restrict the file types that are sent and enforce size limitations. It can also scan them to detect keywords and phrases in their content. TA currently supports all versions of Word, Excel and PowerPoint, as well as Visio, OneNote, OpenOffice and PDFs; it can also look inside archives. For message content you can run checks using XML files containing lists of unacceptable words or phrases and apply patterns such as credit card or social security numbers. Advisory headers and footers can be included in outbound messages, and metadata can be added that security gateways use to see that messages were seen by TA.
We found the administration console easy to use because it groups the policy components under a row of tabbed folders. Global settings are used to decide whether a splash screen is shown when a user loads Outlook. TA is also enabled for Outlook's calendar and tasks, so DLP policies can be applied to shared appointments and job assignments. Another useful feature is TA's one-click message classification. If this is activated, users can choose from a list of classifications, which can determine what checks are applied. Emails classed as internal could have a reduced set of content-check policies applied, but those classed by the user as external would be more rigorously checked.
Very little training is needed for the user because the next time they load Outlook and create an email or respond to one, they'll see a new set of icons in the Ribbon. Before sending the email they can hit the content check button and see if it passes the policy checks. If it doesn't, a dialogue box advises them; if they choose to correct it, the TA client provides a simple wizard showing them what should be modified or removed.
If the user doesn't check the message first and tries to send it, all checks will still be applied and they will get the same warning and assistance if it fails validation. If the policy has justification enabled in its global settings, the user can override the content checks and send the message anyway. However, they must first type in a reason for doing so, and this response can be logged by TA. Should they receive an internal message from a co-worker that they need to forward externally, they are allowed to change its classification and downgrade it, but will also have to justify this.
Maintaining all control and XML files in a central location allows administrators to assign policies to teams or individuals. Many policies can have a core set of validation checks, so some XML files could be shared among different user groups.
Auditing features are limited, as TA can only post all activities to the Windows Event log. It does provide good levels of information, but if you want to use it for reporting and auditing purposes you will need to source a separate application that can access these logs.
Titus Aware offers an elegantly simple DLP solution for Outlook users. Actively engaging users in the process will make them far more familiar with what's acceptable for business email.
Dave Mitchell