Customers send emails that contain customer’s personal information (PII or PHI) to employees in order to get some business activity done.
- Data Breaches: $1.9B loss due to Business Email Compromise (BEC) reported to FBI in 2020 and 45k cases of personal data breach reported to FBI in 2020.
- Compliance: Each state has come up with its own privacy and security laws to protect customer data in the recent past. What started with GDPR in the EU in 2016 translated to CCPA in CA and most recently New York, Virginia also passed their privacy acts.
Strac Office 365 App is a Data Loss Prevention (DLP) software. It masks (aka redacts) sensitive emails while still giving the opportunity to authorized users to view those emails in Strac UI Vault. A business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.) to redact. Compliance, Risk and Security officers will get audit reports of who accessed what messages.
Below is a sample list of sensitive data elements that will be detected & redacted:
- Identity: Drivers License, Passport, SSN (Social Security Number), etc.
- PII: Name, Address, Email, Phone, DoB, Age, Gender, Ethnicity, etc.
- PHI: PII data, Medical Record Number (MRN), Medical Notes, etc.
- Payments: Bank Account, Routing Numbers, Credit Card, Debit Card, etc.
- Secrets: API Keys, Passwords, Passphrases etc.
- Physical Network: IP Addresses, MAC Address, etc.
- Crypto Secrets: Bitcoin, Ethereum, Litecoin Addresses, etc.
- Custom: Create your own rules or use regex