Previous Topic: Example User PolicyNext Topic: Example Document Classification

Policy GuideExample User PolicyExample Trigger Settings

Example Trigger Settings

This example shows settings for an email trigger configured to detect messages or attachments that contain usernames or passwords. The main analysis is performed by the specified document classification (see the following section).

Setting: Trigger Name

Value: Sharing of Usernames and Passwords

Setting: Policy Class

Value: Sharing of Usernames and Passwords

Setting: Severity

Value: 50

Setting: Smart Tags

Value: Classification

Setting: Which Address List?

Value: Use the Excluded List

Setting: Included Addresses

Value: *

Setting: Excluded Addresses

Value: <none>

Setting: Ignored Addresses

Value: <none>

Setting: Trigger Name

Value: Sharing of Usernames and Passwords

Setting: Which Document Classification?

Value: Classification 79 (Sharing of Usernames and Passwords)

Setting: Check Which Items?

Value: Subject, body and attachments

Setting: Which File Name List?

Value: Use the Included List

Setting: Included File Names

Value: *

Setting: Excluded File Names

Value: <none>

Setting: Encryption Filter

Value: All emails

Setting: Digital Signature Filter

Value: All emails

Setting: Search Which Sections or Documents?

Value: Subject

Setting: Which Search Text List?

Value: Use the Excluded list

Setting: Included Search Text

Value: <none>

Setting: Excluded Search Text

Value: %GlobalSubjectExcludes%

Setting: Which Email Sources?

Value: All

Setting: Data Lookup Command

Value: <empty>

Setting: Data Lookup Failure Mode

Value: Do not fire trigger

Setting: Minimum retention (Days) - Authorized Activity

Value: 0

Setting: Minimum retention (Days) - Prohibited Activity

Value: 0

Setting: Control Action

Value: Control Action 2 (Warn)

Setting: Message To Users

Value: This message or the associated attachment(s) you are attempting to send is in possible violation of a corporate security policy called "%triggername%".

Possible recommended actions that can be taken to eliminate or mitigate risk:

1. Remove words or phrases that you may consider being in violation of this policy before sending the message.

2. Do not send message.

3. Password Protect or use appropriate encryption policy.

4. Confirm that all recipients are approved for this communication.

Contact %NameOfSecurityOfficer%, security officer on %ExtensionOfSecurityOfficer% if you have questions regarding this message.