Hi chaps,
We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Web: http://www.g2support.com <http://www.g2support.com/> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~