Content Analysis, Not Action, is the Difficult Part of Policy/Regulations Compliance

A growing number of products scan electronic communications (especially email) to enforce compliance with laws, industry regulations, or organization policy.

The first one to get well established was MIMEsweeper. Other more recent players include MessageGate, ProofPoint, Tumbleweed, and Vontu.

Vendors always talk breezily about the policy definition. However, the really difficult thing is translating policies in your HR manuals, or laws or regulations, into equivalent filters. If the filter uses simple word pattern matching, you'll soon be in trouble. There's no way a simple parser can capture what's meant by "private health care information about customers".

So when evaluating policy enforcement products, spend much of your time evaluating how well policies/regulations/laws can be embodied in filters. In other words, on the analysis side of the equation.

The other side of the equation is the action part: what happens if a policy trigger is fired. Typical actions include notifying an administrator, putting an email in quarantine, sending a message back to the sender, and so on. The action side is much simpler than the analysis side.

... David Ferris

One Comment

  1. Posted August 29, 2005 at 1:00 PM

    Could not have said this better myself! As a longtime practitioner of content analysis, this is where the problem with most risk mitigation and compliance technology lies. A typical filter from the vendors mentioned above does not go deep in analyzing content. Rather, it performs a superficial word-word pattern match or looks for signatures of documents or parts of documents. As such, related words such as comply and compliance, which share the same root, would never be considered to be describing the same topic with the typical superficial filters on the market today. This is why content analyzers that have a means of describing and understanding content patterns in a sophisticated manner that is more akin to how people relate to information will win the day IMHO!
