Some things that are great on their own turn out to be even better as half of a dynamic duo. We’re talking peanut butter and jelly. Burgers and fries. Hall and Oates. And now: data loss prevention (DLP) and ediscovery. 

Sure, DLP is critical by itself for helping you protect your company against the unauthorized leakage of sensitive information. And ediscovery techniques slice through the vast data your business generates to reveal the key facts that can determine the outcome of a litigation matter or an internal investigation. 

But when you combine DLP and ediscovery, you gain even deeper insights. Here’s how. 

How DLP Minimizes the Risks of Sharing Data

Companies trade enormous volumes of sensitive information when hiring employees, managing internal human resources, marketing to potential buyers, and serving customers. That sensitive data may include a wide variety of personally identifiable information (PII) or personal data, from names, Social Security numbers, customer IDs, and usernames to physical addresses, email addresses, IP addresses, phone numbers, and much more. 

Because these types of information are central to how businesses operate, they can crop up in various places: in emails, Slack messages, Jira tickets, Salesforce records, internal HR databases, or anywhere else that work gets done. 

Despite the apparent ubiquity of PII, companies should carefully protect these types of information from unauthorized disclosure. After all, why should customers trust a business to provide them with good service if they can’t even protect individuals’ basic information? Suffering a data breach or an information leak is embarrassing and costly, both reputational damage and actual monetary losses. 

As a result, companies have implemented sophisticated DLP measures to ensure that messages containing sensitive information don’t go to unauthorized recipients. DLP solutions use various means—often including artificial intelligence (AI) and machine learning—to recognize patterns that may indicate sensitive information and to intercept messages that include that information. DLP systems operate as pre-check screeners, filtering messages through a set of rules before approving those messages to be sent. If a message violates a DLP rule, the message is held, and a user (which may be the sender or an administrator) can take appropriate follow-up action. 

For all its benefits, there’s a clear limitation to DLP: it only applies to data in motion or being sent from User A to User B. That stands in contrast to ediscovery methods of evaluating information, which consider an entire corpus of static data and pinpoint the relevant facts found within that volume of data. 

But what if we could apply DLP methods to an existing set of messages?

Applying DLP to Slack Messages

Over the last couple of years, the team at Hanzo has been working on a project that combines aspects of machine learning with ediscovery and investigations. We’ve been training models to recognize two distinct types of misbehavior that may occur within Slack messages: inappropriate communications, including bullying, harassment, and discrimination, and leakage of sensitive information such as PII. 

These methods helped us to pinpoint concerning messages within a Slack workspace with a high degree of confidence, identifying the dates, channels, and users associated with potential misbehavior. For organizations with remote teams that stay in touch over Slack, this functionality could help them detect previously hidden malfeasance and weed out bad actors. 

So, why not use these same techniques to gain deeper insights into messages during ediscovery and internal investigations?

[View source.]