Streamlined Quarantine in SearchInform Risk Monitor
10.02.2025

Mail Quarantine module has become faster, more precise and convenient.

The vendor updated the email quarantine functionality. The developers reduced the load on the email protection server, making processing of suspicious emails faster.

Risk Monitor Quarantine stops critical emails that violate security policies. The daily flow of emails, including suspicious ones, can be enormous in large enterprises. At the same time, security measures for monitoring emails should not disrupt business processes. The SearchInform team implemented new flexible quarantine settings in order to address these circumstances. The advanced settings will help monitor the email traffic and optimize capacity for storing and analyzing emails.

Firstly, Quarantine supports white lists of email addresses. Based on the lists, the solution filters out emails that can be excluded from check. Now, the users don’t have to form such lists entering email addresses manually – they can be imported from an external TXT or CSV file. The lists can be also exported to a file. 

Secondly, attachments can be now analysed by AAServer, a utility component of Risk Monitor. It processes image attachments and extracts information from archives, including password-protected ones. Moreover, the DLP system can generate strong passwords to protect transferred files.

Finally, the storage settings were enriched with a new option intended to clear the database of processed emails. With the activated option, the system will automatically delete all emails that have not violated any quarantine policy. The solution also provides the possibility to delete all email incidents in batches. It is required to select a particular quarantine policy and clear all incidents detected according to this policy. As a result, storage capacity of the quarantine server will always be maintained at the optimal level, and the security auditor will have only active incidents for review.   

Companies send and receive thousands of emails every day. Each of them must be checked for compliance with data security policies. That is why email quarantine has to process a heavy load of mail traffic. Its smooth and delay-free performance is critically important. Information security specialists should quickly respond in case of security incidents and green-light safe emails,” said Sergio Bertoni, the Leading Analyst at SearchInform.

We regularly enhance the performance of the Risk Monitor Quarantine. The current update, in particular, made the solution more convenient. Moreover, the optimization results in reduced load on the hardware. Thus, companies do not have to constantly increase server capacity. It is very important to keep a reasonable level of maintenance costs. The cost-effectiveness of DLP systems is one of the major factors considered by potential customers,” added Sergio Bertoni.

ABOUT SEARCHINFORM

SearchInform is an information security and risk management product vendor as well as an MSS provider. The company's clients are more than 4000 companies in 20+ countries. Today, the team has products and services for comprehensive protection against insider threats at all levels of corporate information systems: FileAuditor (the DCAP class solution); DLP system with extended functionality; Risk Monitor (advanced platform for internal threat mitigation); SIEM system, IS outsourcing service.

Letter Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.