Safedrop DLP - Data Leak Prevention

DLP Guide: Data Loss Prevention (Phase 1)

What is DLP?

DLP is a safety feature that helps prevent accidental or risky sends by warning you before a safedrop is sent to unfamiliar recipients.

Currently, Phase 1 checks recipient familiarity. Content scanning (e.g. PII detection) will come in future phases where possible with zero knowledge security.

How It Works

When you click Send in the composer:

• The system checks every recipient against your tenant’s history.
• It returns a list of any unfamiliar recipients.

What counts as "Familiar"?

Important: A recipient only becomes familiar once they have opened the safedrop. Just sending it is not enough. This protects against typos and phishing attempts.

What Happens in the Composer

1. You click Send.
2. If all recipients are familiar → Send proceeds normally.
3. If any recipients are unfamiliar → A Pre-Send Warning modal appears.

• • Lists each flagged recipient and reason (new_business_domain or new_consumer_recipient).
  • You must explicitly acknowledge the warnings to continue.

4. Your acknowledgement is recorded permanently.

Audit PDF

The signed audit PDF now includes a DLP section showing:

• Which recipients triggered warnings
• The type of warning
• That you acknowledged them (with timestamp)

This adds an extra layer of compliance evidence.

What DLP Does Not Do (Yet)

• No content scanning (no PII/credit card/SSN detection)
• Does not block sends — only warns (senders can always acknowledge)
• No admin configuration options
• No notifications to admins when warnings are acknowledged
• Only available for paid plans (shared/personal plans are skipped)

For Administrators

Key Security Properties

• Fully tenant-scoped (no cross-tenant data leakage)
• Requires authentication
• Fast and lightweight
• Fail-open: If the DLP service is down, sends continue without warnings (availability prioritized)

Updated on: 28/05/2026