When implementing any data protection system you require a list of keywords or terms that you need to monitor/track in all company documents and across all data transferring channels.
For this operation you should edit the dictionary filter with the name “Glossary of industry terms”, add keywords and expressions from the internal documents of the company. To do this, switch to the “Filters” tab in the administrator interface and go to the filter Glossary of industry terms.
Add keywords to the field “Dictionary”. For example, “Licensor”, “Licensee”, “Company card” etc. Then choose “Incident” as the productivity category.
Then go to the filter and reduce the number of event types for finding keywords. Click “Save”
After creating this type of keyword search, all new events will be checked for matching searching criteria and fall into “Triggered filer -> Incident”.
Then you can return to the menu “Triggered filters/Name/Glossary of industry terms” and check the events that are there.
You may see the following picture:
Let’s say that in our company a user named «Руслан Костырин» shouldn’t have access to these documents. However, we see that he not only downloaded this file to his computer but also sent it to another user by e-mail. Now we have some questions to this user that may require his explanation.
Having the intercepted file analyzed we can see that it doesn’t match with the documents from the report system which means that this employee (although he shouldn’t have access to these documents at all) made corrections to the terms of the contract and the pricing. This seems like a violation of corporate policy of working with counterparties.