Data Loss Prevention in Email Attachments

Configure JSCAPE MFT server to address data loss prevention with email attachments.
  1. Blog
Note:This post was originally published on Sept 14, 2011 but was updated on June 15, 2018 to reflect the latest MFT Server GUI

data loss prevention email

This tutorial will address a common problem of data leak prevention with email attachments and how the JSCAPE MFT Server can help solve this issue.

Download JSCAPE MFT Server Starter Edition

In this tutorial we'll demonstrate how to configure the JSCAPE MFT Server DLP module to flag a document containing credit card numbers attached to an email message. We are using a plain-text document (test-cc.txt) that contains the following sample credit card numbers. These credit card numbers will validate but are not in use.

American Express: 378282246310005

Discover: 6011000990139424

MasterCard: 5555555555554444

Visa: 4012888888881881

This tutorial is divided into two objectives, configuring the JSCAPE MFT Server, and Testing the JSCAPE MFT Server. Each objective has a series of tasks necessary to complete each objective. Each task contains one or more steps to complete the task.

Configuring JSCAPE MFT Server

In this objective, we'll complete the necessary tasks to set up and enable ad-hoc email transfers and the Data Loss Prevention parameters.

Enable ad-hoc email transfer for JSCAPE MFT Server.

In this task we'll complete the following steps to enable the ad-hoc email feature of JSCAPE MFT Server.

1. From main screen, navigate to Settings > Email > Email. Make sure you have enabled the email service and configured the email settings.

email settings

2. Click the Ad-Hoc File Transfer tab, ensure the Enable ad-hoc email transfers option is checked, and click Apply to accept the settings.

ad hoc file transfer

The remaining default settings are sufficient for this tutorial. Please refer to the JSCAPE MFT Server online documentation, Email Transfers > Enabling Email Transfers for more information about additional settings.

Edit User for desired domain.

In this task we'll complete the following steps to edit an existing user.

1. Navigate into the desired domain.

edit domain

2. Click the Users node under the desired domain. A list of valid users is displayed, if any. Select the desired user and then click the Edit button.

edit user

The User account settings dialog box is displayed.

Please refer to the JSCAPE MFT Server online documentation, Server Configuration > Adding Users for more information about adding users and the associated settings.

Enable the ad-hoc email transfer option for the desired user.

In this task we'll complete the following steps to enable the ad-hoc email transfer for this user on the User account settings page.

Scroll down the User Account settings page and make sure the Enable Ad-hoc email transfers option is checked.

enable ad hoc email transfers

Enable DLP for Virtual Paths.

In this task we'll complete the following steps to enable the DLP option for the virtual paths associated with this user.

1. Click the Paths tab at the top of the User Account settings dialog box. A list of virtual paths is displayed, if any.

2. Select the desired virtual path.

3. Click the Edit button.

edit user select virtual path

4. The Edit Virtual Path dialog box is displayed.Ensure the Enable DLP option is checked.

edit virtual path-1

Please refer to the JSCAPE MFT Server online documentation, Data Loss Prevention (DLP) > Enabling DLP for more information about DLP settings.

Edit DLP Settings.

In this task we'll complete the following steps to add the DLP rules that we want applied to this user account.

1. Click the Settings button located to the right of the Enable DLP option.

enable dlp settings

2. The DLP Settings dialog box is displayed. Select the Use Rules option button and click the Rules button.

use dlp rules

3. The DLP Rules dialog box is displayed. Click the Add button to add a rule.

add dlp rule

Select DLP Rules.

In this task we'll complete the following steps to use predefined DLP rules to analyze the attached file content for credit card data.

The Add DLP Entry dialog should then appear, where you'll be asked to select a DLP rule and a corresponding Access right should a DLP rule match occur. For example, we select American Express and then give that an access setting of deny ad-hoc. Meaning, if an American Express number is detected while a user is attempting to email a file, the ad-hoc email transfer will be aborted.

american express

american express deny ad hoc

If you want MFT Server to detect more credit card types, just add more DLP rules. Here, we've added DLP rules for Discover, MaterCard, and Visa credit cards as well.

dlp rules american express discover mastercard visa

Please refer to the JSCAPE MFT Server online documentation, Data Loss Prevention (DLP) > Enabling DLP for more information about DLP settings. Click the OK buttons until you're back at the Users module.

Testing the JSCAPE MFT Server

In this objective, we'll complete the necessary procedures to initiate an ad-hoc email transfer and view the Data Loss Prevention results.

Select the Email Attachment File.

In this task we'll complete the following steps to select our test credit card file as the attachment to our email.

1. Login to the JSCAPE MFT Server Web User Interface.

web user interface jscape

By default, the My Storage view is displayed. If you have the My Account view set as your default display, you can click the My Storage link, located in the upper-right corner of your web browser. Select the text-cc.txt file. When you select one or more files, additional options are enabled on the toolbar. Specifically, the Email Files button is enabled. Click that.

email files web ui

Select the Email Recipients.

In this task we'll complete the following steps to select the recipients for our email.

1. Enter the recipient email address into the To field. You may also select one or more recipients from your contacts list by clicking the contacts (+) icon.

2. Click the OK button to initiate sending the email.

email files dialog

Please refer to the JSCAPE MFT Server online documentation, Email Transfers > Managing Contacts for more information about using the contacts list.

Assuming the uploaded file was already indexed, you should then see a message box indicating that a DLP rule matched and that access is denied.

dlp rule matched

Data Loss Prevention in Email Attachment Results

Configuring the JSCAPE MFT Server in this manner prevents the selected user from using the ad-hoc email transfer option for the selected virtual path and when the file content matches the enabled DLP rules. While the specified user may work with the sensitive documents as part of their normal routine, the JSCAPE MFT Server helps prevent leaking sensitive data to unauthorized recipients.

Summary

You should have noticed a couple of key points while working through this tutorial. Namely, you can enable ad-hoc email transfers on a per-user basis. You can define DLP rules also on a per-user basis. Lastly, you can enable DLP rules for selected virtual paths on a per-user basis. You can see from these combinations just how tightly you can configure the JSCAPE MFT Server to prevent data loss with email attachments throughout your enterprise.

Want to try this out yourself? Download a free, fully-functional standard edition of JSCAPE MFT Server now.