Electronic mail (email) is a method of exchanging digital messages between a sender and one or more recipients, typically over the Internet or other computer networks. In an enterprise environment, for example, email is known to provide a reliable and efficient method of communicating. There are a number of well recognized risks associated with enterprise email as well. For example, computer viruses can spread from one computer to another using email. In addition, email can be improperly used to forward confidential and/or sensitive data from a secure enterprise network to an external recipient. For example, the confidential and/or sensitive data can be included in the body of an email or as an email attachment.
A number of techniques have been proposed or suggested for preventing email from being used to forward confidential and/or sensitive data from a secure enterprise network to an external recipient. For example, many enterprise email systems include a filtering mechanism to scan outgoing emails for known confidential and/or sensitive data. While such existing filtering mechanisms have reduced the unauthorized transfers of confidential and/or sensitive data using email, there are many computers in an enterprise network that cannot be fully trusted. Thus, the filtering mechanisms installed on such computers cannot be relied on.
A need therefore remains for improved methods and apparatus for detecting unauthorized bulk forwarding of sensitive data over a network.