Introduction
Instant Messaging (IM) applications are critical tools for collaboration but pose a significant risk for internal policy violations, specifically those relating to workplace harassment or threats. This rule addresses that challenge by employing Teramind's IM monitoring capabilities to proactively scan all outgoing messages, enforcing the company's Code of Conduct by immediately detecting the transmittal of abusive, harassing, or discriminatory language.
Rule Walkthrough
This example rule is configured to detect specific offensive keywords within IM by leveraging Regular Expressions to create a precise content filter.
Setting Up the Rule
General Settings
1. Assign a Rule Name. For example, “Offensive communications”.
2. Select a Parent Policy. For example, “Admin Policy”.
3. Select “Activity” for Rule Type.
4. Select “Instant messaging” under Select the type of activities.
Helpful Resources:
Employees
5. Turn on the Inherit targets from Parent Policy option to use the policy’s default targets.
6. Alternatively, turn it off and manually select the employees, departments and/or computers for the rules target from the Assign to field.
7. Optionally, you can exclude targets in the Exclude from rule field.
Helpful Resources:
Instant Messaging
8. A default condition block, "Condition 1," should already be added to the rule. Configure the condition as follows:
Condition 1
9. Add the Message body criterion by clicking the +Add button.
10. In the Message body field, enter:
(hell|heck|shit|kill|screw|mad|angry)
Then, select the Matches regex condition.
11. Add the Message direction criterion by clicking the +Add button.
12. Select "Outgoing" from the direction list.
Helpful Resources:
Actions
13. Select the Notify action.
14. Select user(s) you want to notify when the rule is violated. In this example, we selected the "HR Manager".
Help Reference:
Rationale for the Rule
The core justification for implementing this rule is to mitigate legal and ethical risk by focusing content detection in instant messages. You can create similar rules for other communications channels such as email and social media.
The rule's detection power relies on two criteria:
The Message body criterion, paired with the Matches regex condition, provides a precise content filter. The Regular Expression,
(hell\|heck\|shit\|kill\|screw\|mad\|angry), acts as a dynamic search query, using the pipe symbol (|) as an "OR" logic to ensure the rule is triggered if the text contains any of the listed terms.Second, the Message direction criterion is used to limit the scope of the rule exclusively to messages sent by the user, explicitly excluding incoming messages from others.
When these criteria and conditions are met, the action (Notify) immediately alerts the HR Manager to the high-risk incident.