Sorry - posted this in the wrong forum and don't see how to delete it. Will re-post in the Email Security Gateway forum. JLC
We are a hospital and we recently turned on the HIPAA pre-defined DLP content filter for Subject and Body (Block/Accept -> Content Filtering -> Predefined Filters). A lot of outbound messages unnecessarily trigger this filter. (Meaning there is no confidential patient data in the messages.) We've figured out that if senders remove the street address and/or phone numbers from their email signatures, the number of messages caught by this filter is greatly reduced.
In the process of analyzing the encryption traffic we've realized that most outbound messages are going to email servers that agree to use TLS with our email server, which always requests it, and we've started exempting those domains from encryption (Basic -> Administration -> Email Encryption Service -> Recipient Email Address/Domain Exemptions), but we are questioning whether this is a sensible strategy. If you exempt a domain, you can't even manually encrypt the message via the WSG. (By "manually" I mean we have a custom content filter in place that will encrypt any messages that have the word "ENCRYPT" at the beginning of their subject lines and staff here know to use that if they are sending sensitive information.)
My question for others on this forum is: Are there reasons to use the WSG encryption even when the messages are being sent over a TLS-encrypted connection? If not, it would be great if the gateway could detect that a message is going to use TLS and avoid encrypting the message in that case.
Thanks for your input.