Which emails to log

With Zivver you can register information on your secure messages. But you can also do this for your regular emails.

Zivver strongly recommends: register information on all emails for all users.

Logging regular emails is necessary to know about possible security incidents. It is also necessary for the optimal functioning of the Zivver business rules. These rules tailor to your communication pattern. If you register your regular emails with Zivver too, you can prevent data leaks and stay compliant more effectively.

The products where you can enable this setting are the Zivver Office Plugin and the Zivver Outlook Web Access add-in. With this setting, you register a minimal amount of information when a user sends a regular email. This information is fully in accordance with our privacy policy and our data processing agreement.

Specifically, we store:

  • That a regular email was sent.
  • Whether Zivver warnings were ignored.
  • Email metadata necessary for investigating data breaches.

Examples are: the subject, recipient email addresses, and the filenames of attachments.

For regular emails, Zivver does not store the body of the email and the attachments. Zivver processes the information with the same strong security measures. Zivver already has those measures in place for the highly sensitive data in your secure messages.

Note
Currently, Zivver does not collect data of normal email in the Zivver Chrome Extension for Gmail.

Why log regular email

Zivver prevents data leaks and ensures compliance. For this, Zivver provides smart business rules. These rules secure sensitive data and prevent human errors. Zivver also provides reporting. This is to monitor and improve your data leak prevention and to investigate potential data leaks.

You can gain full advantage only if you register regular emails:

  • Business rules tailor to the communication patterns of your users. These business rules recognize anomalous behavior and warn only when necessary. If you do not register emails, you get more false positives and less effective protection.
  • Reporting improves your data leak prevention. For this, you must understand how users respond to security recommendations. This reporting is available only if Zivver registers when a user ignores a recommendation and sends a regular email.
  • Logging lets you investigate incidents. It also helps you to fulfill your regulatory responsibility to report data leaks to the authorities. When you use Zivver, the greatest risk of data leaks occurs when users ignore warnings and send regular emails. The logs show this risky behavior only if you collect information on regular emails.

Overall, you can greatly improve your ability to prevent data leaks and to stay compliant if you register regular emails with Zivver. Thus, we strongly recommend this setting.

Example of a report only available when logging normal emails

Enable regular email

Our recommendation is to set the setting to on and make it mandatory for all users. This prevents blind spots in your security monitoring.

  1. In the Zivver admin panel, open the Plugin Settings.
  2. Enable Collect information about emails sent without Zivver.
  3. Select the check boxes On and Mandatory.
    On means: default for all the users.
    Mandatory means: the users cannot change from this default.

Where to find the setting in the Zivver admin panel