We need to prevent sensitive information from going out unencrypted and at the same time we do not want users to be able to encrypt data before emailing it as a way of hiding the contents from DLP scanning (such as emailing password protected documents and zip files) in an otherwise unencrypted email.
So, we want to prevent encrypted data that has not been scanned for content from being emailed out and also require sensitive data to be encrypted by an authorized encryption process before the email can be sent.
Are third party email encryption services required for the process we want to work or can users use the native email encryption built into Outlook 2010 that uses a user certificate and digital ID to encrypt email messages?
http://office.microsoft.com/en-us/outlook-help/enc...
We want to have record of who is sending out sensitive data and what it was, but allow it to be sent as long as it is properly encrypted.
Which DLP products are required for this to work (does it require Network Prevent For Email)?