If you have a common first name like me, you receive all sorts of email intended for other people. This is a Security and Information Governance blindspot.
With Generative AI, it becomes possible to prevent the unintentional spreading of confidential information via email, further than it should.
Analysis / classification can be rapidly performed on subject, content and attachments to allocate governance risk.
To prioritize efforts:
Does the recipient have a known duplicated name in the company?
Does the recipient department role have normal access to type of information?
Does the recipient have an address outside of company?
The experience suggestions:
The email client can display a warning smart tag on suspect addressees in "To" or "Cc" address fields.
Pressing Send in email client can display a warning confirm dialog
Post-client send modification.
Email filtering is normally done on the way-in. However here the email server can hold suspected addressed content for send confirmation.
Advantage for this aspect is the specific client device doesn't need dependencies or new capabilities to achieve the coarse function.
The solutioning project could also be used investigate governance of content and attachments for non-email messaging platforms for example:
Adding a member to a chat / channel with privileged information contained in history
Sharing information to a chat / channel with miss-match for member privilege.
Redact chat / channel / attachment access by member privilege change
Information Governance policies delegate responsibility for correct information classification and propagation onto employees.
Now with the dawn of Generative AI capabilities there is an new opportunity to re-incorporate and augment some of this governance responsibility via automated safeguards for information sharing.
Thank you for submitting the idea. The status has been changed to "Needs review".