As a general rule of thumb, email is difficult to track, easy to forward and is an unsecured method for transmitting sensitive data. To help protect University data, UD activated Gmail’s Data Loss Prevention (DLP) security feature to prevent Social Security and credit card numbers from being transmitted within the body of an email or an attached file.
How does DLP work?
DLP scans outgoing messages for Social Security or credit card numbers and blocks emails containing this information from leaving UD’s email domain (i.e., to recipients without a @udayton.edu address).
What happens if a message is flagged?
When Google’s DLP algorithm rejects a message, the sender receives an automatic notification.
What if DLP reports a number string that isn't actually sensitive data?
If you've received a false positive and need to send this data from your UD Gmail account, you can do one of the following:
Will DLP block other 9-digit number strings, like University ID numbers?
DLP distinguishes Social Security numbers from University identification numbers and does not block UD ID numbers.
What if I have a business need to send credit card or social security number off-campus?
If you have a need to share social security numbers or credit card data off-campus as part of your job, call the IT Service Center and a member of our IT Security team will reach out to ensure transmission of this data is managed by the appropriate technical safeguards.