In some cases, an enterprise may need to restrict access to information within the enterprise and/or prevent certain types of information from “leaking” outside the enterprise. For example, regulations or business procedures might require that a user (or a group of users) be prevented from accessing restricted financial information associated with a particular business deal or company. The restricted financial information might represent, for example, material non-public information, client confidential information, and/or trade secrets or other information associated with the enterprise (or client or customer of the enterprise).
To secure information, such as electronic documents, spreadsheets, or other types of files, procedures and rules could be established for users. For examples, employees might be told that information stored in a particular type of folder should never be attached to email messages that are sent outside of the enterprise. Such an approach, however, could be ineffective because of users who mistakenly forget to follow the rules and/or intentionally violate procedures. Moreover, managing and enforcing appropriate restrictions can be difficult—especially when there are a large number of users and/or types of restricted information.
As another approach, an email application could be designed in a way that prevents users from attaching any electronic file to a message. Similarly, an email application could be designed in a way that only allows users to send messages to a pre-defined set of recipients (e.g., only to other employees). In either case, however, the restrictions may impractically limit a user's ability to communicate with others (e.g., with respect to non-confidential information).