Prevent Data Loss with Document Fingerprinting

Document Fingerprinting

Employees in your organization handle different types of sensitive information each day. Document fingerprinting protects your organization's sensitive data by identifying the standard forms your company uses for that data. As a result, document fingerprinting keeps employees from sending sensitive data out as an email attachment.

In Microsoft Exchange Server 2013 and Exchange Online, Document Fingerprinting is a Data Loss Prevention (DLP) feature. The feature converts a standard form or template into a sensitive information form. The form is used to define your company’s DLP policies and transport rules.

Ideally, companies have already established a business practice of using certain forms to transmit sensitive data. Your IT administrator needs to upload the empty forms to the Exchange server, which converts the forms to a document fingerprint. Afterwards, the administrator assigns the corresponding policy to the documents. The DLP agent will automatically detect any document in your employees’ outbound email that matches the fingerprint.

How Does Document Fingerprinting Work?

Electronic documents don’t have an actual fingerprint, but they do have a unique word pattern. When a document is uploaded to the Exchange server, the DLP agent identifies the unique word pattern in the document. Afterwards, the DLP agent creates a document fingerprint based on the word pattern. The document fingerprint is used to detect any outbound documents that contain the unique word pattern. Therefore, to create the most effective type of document fingerprint, you need to upload the form or template to the server.

Your employees use the same form to fill in the customer’s information. Therefore, every completed form contains the original set of words plus the words the employee adds. The DLP agent can determine if the document matches the document fingerprint, as long as the outbound document contains the original text and isn’t password protected.

Each document uploaded to the server must be in plain text and a supported file type. The DLP agent uses an algorithm to convert the word pattern of the document into the document fingerprint. The fingerprint is a small Unicode XML file that contains a unique hash value representing the original text. The fingerprint is saved in Active Directory as a data classification.

As a security measure, the server never stores the original document, but instead stores the document hash value. Therefore, the original document cannot be reconstructed from the hash value if your server is breached. Once the server creates the hash values, your document is classified as sensitive information that you can associate with your company’s DLP policy. After you have associated the document fingerprint with your DLP policy, the server’s DLP agent detects documents that match the fingerprint in outbound emails. The agent will handle the outbound document according to the DLP policy assigned.

What Are The Limitations Of Document Fingerprinting?

The document fingerprinting DLP agent can’t detect sensitive information if:

  • The attachment is a password-protected document or any other password-protected file.
  • The attached document only contains images and no text.
  • The attached document doesn’t contain all the text from the original document used to create the fingerprint.
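
A simplified sketch of the idea described above, added here as an illustration and not Exchange's actual algorithm: hash the template's word pattern, keep only the hashes, and match an outbound document only when it contains all of the template's text. The two-word shingles, SHA-256, the function names and the sample form are assumptions made for this example.

```python
import hashlib
import re

SHINGLE_WORDS = 2  # assumed shingle size; not taken from Exchange

def _shingles(text, k=SHINGLE_WORDS):
    """Lower-cased k-word sequences, taken line by line so filled-in values do not break labels."""
    out = set()
    for line in text.lower().splitlines():
        words = re.findall(r"\w+", line)
        if words:
            out.update(" ".join(words[i:i + k]) for i in range(max(1, len(words) - k + 1)))
    return out

def make_fingerprint(text):
    """Return only SHA-256 digests of the word pattern; the text itself is not kept."""
    return frozenset(hashlib.sha256(s.encode("utf-8")).hexdigest() for s in _shingles(text))

def coverage(fingerprint, outbound_text):
    """Fraction of the template's hashed word pattern found in the outbound text."""
    if not fingerprint:
        return 0.0
    return len(fingerprint & make_fingerprint(outbound_text)) / len(fingerprint)

def matches(fingerprint, outbound_text):
    """Match only when all of the template's text is present (the limitation listed above)."""
    return coverage(fingerprint, outbound_text) == 1.0

# Constructed sample data: an empty form, a filled-in copy, and an excerpt.
TEMPLATE = """Example Corp Customer Account Form
This form contains confidential customer information and must not leave the company.
Customer name:
Account number:
Date of birth:
Approved by:"""
FILLED = TEMPLATE.replace("name:", "name: Jane Doe").replace("number:", "number: 4471-2290")
EXCERPT = "Customer name: Jane Doe\nAccount number: 4471-2290"
IMAGE_ONLY = ""  # a scanned attachment yields no extractable text

if __name__ == "__main__":
    fp = make_fingerprint(TEMPLATE)
    for label, doc in [("filled form", FILLED), ("excerpt", EXCERPT), ("image only", IMAGE_ONLY)]:
        print(f"{label}: coverage={coverage(fp, doc):.2f} match={matches(fp, doc)}")
```

The filled-in form matches because every hashed label and boilerplate phrase is still present, while the excerpt and the image-only attachment fall below full coverage and pass undetected.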
