It Doesn’t Matter That Policy Compliance Tools Aren’t Perfect

This is the second bulletin in a series about policy and regulatory compliance tools. These tools are outbound email filters that attempt to stop users from violating organizational policies or legal regulations.

Attempt is the operative word here. These tools can't do a perfect job.

Let's use the same example policy as before: "Only people in the PR Team group are allowed to email press releases to people outside the company." Determining what a press release looks like is an imperfect science. So we'll experience quite a number of false positives -- incorrect detection of a violation when none has occurred.

The important thing is what happens when the tool believes it has spotted a violation. Ideally, such tools should be set up to return the message to its sender, with a warning that a potential policy violation was detected. This is usually better than (say) alerting the user's manager or the HR department.

... Richi Jennings

One Trackback

  1. By Computerworld Blogs on April 26, 2006 at 5:49 AM

    New IE7 beta2 (and live mustachioed plumber)

    Need a break? Turn to IT Blogwatch, in which the latest IE7 Beta debuts in open beta. Not to mention a live performance from one of the Super Mario Brothers…

Post a comment

You must be logged in to post a comment. To comment, first join our community.