Data Loss Prevention Program

With over 10,000 faculty and staff email users on ECU’s Exchange system, one of the biggest concerns is the accidental breach of sensitive information through an unencrypted message. Therefore, as an added layer of security, ECU has a Data Loss Prevention (DLP) program to further protect sensitive information emailed to recipients outside the ECU network.

As a first step in protecting sensitive data, faculty and staff are required to encrypt email containing sensitive information when addressed to recipients outside ECU. Examples of sensitive information include HIPAA, FERPA and PCI. To encrypt an email, a user simply types the words, [sendsecure] in the email's subject line or tags the message as Confidential.  See the encryption page for the easy, three-step process (Outlook 7, 10, 11, 13 and Piratemail).

When sent, the email passes to the Exchange server to be delivered. Encrypted messages are sent to the recipients while unencrypted messages are checked against sensitivity "markers." If the message meets certain criteria, the following happens:

  1. Critical to High Sensitivity. Messages are encrypted and delivered. Senders are reminded of the encryption policy through an email.

  2. Medium Level Sensitivity. Sensitive messages are delivered unencrypted. Again, senders are reminded of the encryption policy through an email.

  3. Low Sensitivity. Messages are delivered but not encrypted. No reminder is sent to the sender.

No one is reading your email. The spam filter simply checks the message against certain criteria, such as digits in the xxx-xx-xxxx format that could indicate a social security number or a long string of numbers near a date that might indicate a credit card number.

Here is what all users sending sensitive information should do:
  1. Encrypt emails containing sensitive data addressed to non-ECU users by typing [sendsecure] in the subject line or setting the Confidential tag. See the email encryption page for exact instructions with screen shots.

  2. Make sure that sensitive pdf files have Optical Character Recognition (OCR) applied to make the text searchable. Images cannot be read by the DLP filter.
For more information on sensitive data at ECU, see these websites:
Email Encryption:
Sensitive Data:
Sensitive Data Storage:
Social Security Numbers:
FERPA policy:
Payment Card Industry (PCI):