Why you need advanced workflow for DLP
If one of your employees was sending privately encrypted messages to people outside the company, would you need to know this? Would you want the ability to stop these messages? A Data Leak Prevention solution with advanced workflow will provide this capability.
There are several kinds of workflows, depending on the level of security needed. A simple workflow will require just one level of review and approval. An advanced workflow will require multiple levels of review and approval.
If sensitive data is moving through the network, and it is not clear that the sender and receiver should have access, it makes sense to put in a series of checks to prevent inadvertent and malicious data leaks.
The first check should be with the sender. If a message or attachment has sensitive content that may not be appropriate for the recipient, the first reviewer should be the sender. If they are asked to verify that their message is acceptable to send, this will eliminate inadvertent leaks. If a sender deliberately chooses to send sensitive content inappropriately, the workflow will provide a record of this.
In some cases, the sender may think that they are allowed to send certain content, but they might be wrong. Or they may be maliciously inclined. This is where an advanced workflow is useful. Based on business logic, a transmission that the user approves is also sent to their direct supervisor or a security admin for final approval. This provides a clear audit trail of what content was sent, by whom, and with what approval.
When very sensitive data is involved, the workflow needs to stop the transmission of information completely and record the transaction for analysis. This provides a forensic trail for the security team to track critical leaks.
All workflow records need to contain: sender and receivers, mode of transmission, type of content involved, security rating of content and the actual content itself. This will give the security team everything they need to know to adjust policies, correct misuse of data and track potential high risk users.
To see a demonstration of how the GhangorCloud Information Security Enforcer provides an advanced workflow, please request a demo.