Kiteworks | Your Private Data Network

Enabling Zero Trust Data Exchange in One Platform

Free Trial EXPLORE KITEWORKS

Kiteworks Data Policy Engine: Automated Protection That Adapts to How You Work

Video


 

Data moves constantly in and out of your organization. Files get shared, emails go out, documents are downloaded. The challenge isn’t just tracking this activity—it’s knowing when to allow it, when to restrict it, and when to block it entirely, and doing this at scale.

The Kiteworks Data Policy Engine solves this by following the NIST Cybersecurity Framework. It evaluates three key factors simultaneously: what data is involved, who’s taking the action, and what they’re trying to do. This triangulation lets you create policies that respond intelligently to real-world scenarios.

Policies work as if-then statements that execute automatically. Start with data conditions. You can key off folder locations—like separating public marketing files from restricted financial data—or use tags such as Microsoft Sensitivity Labels. You can even trigger policies based on keywords in email subjects or message bodies.

Then add user conditions. Specify who’s taking the action by their domain, email, or assigned profile. You can be inclusive—targeting specific users—or exclusive, saying “anyone except these users.” Combine conditions using AND and OR logic to narrow your scope. The engine reads left to right and applies the first matching rule it finds.

Once conditions match, directives take over. These control what happens next. For data access, you can allow with full tracking, apply SafeVIEW for view-only restrictions, require users to complete forms before downloading, or block access entirely. For uploads, allow with tracking, require acknowledgment forms, automatically tag incoming data for classification, or block specific file types or users. For sending and sharing, allow distribution while maintaining audit trails, require approval from designated reviewers before data leaves, or block sends to external recipients.

Here’s a policy in action: If a file tagged Sensitive is accessed by a user outside the internal domain, then block all access and log the attempt.

When manual oversight can’t scale with the volume of data moving through your organization, the Kiteworks Data Policy Engine delivers automated protection that adapts to how your organization works—evaluating every action in real time and enforcing the right response based on data sensitivity, user identity, and intended action.

 

Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who are confident in how they exchange private data between people, machines, and systems. Get started today.

Schedule a Demo
Share
Tweet
Share
Explore Kiteworks