Strac: Email DLP (Data Loss Prevention)

yayıncı: Strac Incorporated

Email DLP (Data Loss Prevention) protects emails by redaction/masking sensitive emails/attachments


Strac (Y Combinator backed) protects businesses by redacting (masking or removing) sensitive customer data like SSN, Drivers License, Passport, Bank statements, Tax docs, Medical Notes, any kind of file that contains PII data, etc. from emails (body and attachments). Attachments could be .pdf, .jpeg, .png, .docx, .csv, .xlsx, and more.

Strac offers a data protection tool for your email inboxes. Strac helps business be compliant with PCI-DSS, SOC 2, ISO 27001, GDPR, CCPA, NY CRR 500, and local privacy laws.
Strac's solution is a sophisticated form of email encryption.

Strac DLP (Data Loss Prevention)

Strac Email DLP is a potent Data Loss Prevention software, designed to seamlessly integrate with Office 365. The primary function of this software is to discover, or detect, sensitive emails. To utilize this feature, you simply need to activate the Strac Office 365 App and it will provide you with findings of any sensitive emails that have been shared.

Another key feature of Strac Email DLP is its ability to mask, or redact, sensitive emails. However, it does so while ensuring authorized users can still access the redacted emails via the Strac UI Vault. This ensures the necessary privacy measures are met without obstructing authorized access.

The software also provides the functionality to prevent the sharing of emails to external email addresses. This feature can be customized to suit specific workflows, such as requiring owner approval before an email or attachment can be sent externally. If the owner rejects the outgoing email, the software ensures that it is not sent to the external party.

Lastly, businesses have the flexibility to configure a list of sensitive data elements, such as Social Security Numbers (SSN), Date of Birth (DoB), Driver's License (DL), Passport information, Credit Card numbers, Debit Card details, API Keys, and more, for redaction. This ability enhances the software's data protection capabilities. Compliance, Risk, and Security officers can also obtain audit reports, which document who accessed what messages, thereby maintaining a detailed record of data access and usage.

The following examples illustrate types of sensitive data elements that can be identified and concealed:

  • Personal Identification: Elements like Driver's License numbers, Passports, Social Security Numbers (SSN), and National Identification Numbers.
  • Personal Identifiable Information (PII): This incorporates details such as Names, Addresses, Emails, Phone numbers, Dates of Birth, Age, Gender, Ethnicity, and more.
  • Protected Health Information (PHI): This category includes PII data, Medical Record Numbers, Insurance IDs, Health Plan Beneficiary Numbers, Biometric data, Medical Notes, and more.
  • Financial Information: This covers details like Bank Accounts, Routing Numbers, Credit Card Numbers, CVV codes, Expiration Dates, Debit Cards, International Bank Account Numbers (IBAN), and more.
  • Confidential Details: This includes API Keys, Passwords, Passphrases, and similar elements.
  • Automotive Details: Data such as License Plates and Vehicle Identification Numbers (VIN).
  • Network Information: This involves data like IP Addresses and MAC Addresses.
  • Cryptocurrency Information: This encompasses Seed Phrases, Bitcoin, Ethereum, Litecoin Addresses, and more.
  • Inappropriate Content: This category includes profanity such as curse words, abusive language, and offensive content.
  • Voice Communication Records: This comprises audio or video recordings containing sensitive information.
  • Customizable Rules: You have the ability to formulate your own detection rules or employ regular expressions (regex).
You can checkout this link for more details:

Bir bakışta