Help Center

Third-party software Contact us

Clipboard control configuration

The Endpoint DLP module in DataSecurity Plus offers prevention policies to thwart and respond to potential file security risks. The clipboard control prevention policy audits and blocks clipboard copy actions triggered within local devices, the organizational network, and removable devices.

There are two steps to preventing copy actions in configured endpoints:

  • Create a file copy prevention policy with the block response enabled.
  • Map the prevention policy to the DLP policy that has been applied to endpoints.

Note: The default clipboard control prevention policy audits all clipboard copy actions. It cannot be edited or deleted. If you want to modify your responses to copy actions, you must create a new policy and customize it.

Creating a new clipboard control policy

You can create a new policy when you want to block copy actions in select files or in specific endpoints. Follow the steps below to configure a custom copy prevention policy:

  • Select Endpoint DLP from the drop-down menu.
  • Go to Configuration > Prevention Policies > Clipboard Control.
  • Click Create New Policy in the top-right corner.
  • Provide the Profile Name and Profile Description.
  • Configure the Include and Exclude criteria to set up the conditions for which the profile should be implemented. In addition to the criteria, you can trigger the prevention policy when all parameters are satisfied, or if even just one parameter is met, by configuring the Condition Match rule.
  • Click Save and ensure you map the prevention policy to the target endpoints to enforce them.

Note: If multiple clipboard control prevention policies are enforced with varying response actions, the profile with the block response will prevail.

Refer to the examples below to create your own custom prevention policy.

Target action Include criteria Exclude criteria Response
To block all copy actions for file names containing "customer addresses".
  • User Object - In - ALL
  • Data Source - In - Local Drives, Network Drives, Removable Drives
  • File/Folder Name - Contains - Customer Addresses
  • Condition Match: Any condition (OR)
- Audit and block file copy attempts.
To block all clipboard file copy actions in all endpoints and removable media devices.
  • User Object - In - ALL
  • Data Source - In - Local Drives, Network Drives, Removable Drives.
  • Condition Match: All conditions (AND)
- Audit and block file copy attempts.
To block file copy actions for all files except for Files A and B.
  • User Object - In - ALL
  • Data Source - In - Local Drives, Network Drives, Removable Drives.
  • Condition Match: All conditions (AND)
  • File/Folder Name - Contains - A, B
  • Condition Match: Any condition (OR)
Audit and block file copy attempts.

Notes:

  • The Data Source, Object Type, and File/Folder Name criteria are multi-input values, and you can select more than one value under the same parameter.
  • Local Drives refers to files that are copied from the local system or any external storage devices connected to it.
    • Network Drives refers to file copy actions that take place within the network.
    • Removable Drives refers to all detected USBSTOR-based removable media storage devices.

Mapping the clipboard control prevention policy to endpoints

All prevention policies need to be mapped to endpoints to be enforced in them. Follow the steps below to map them to endpoints:

  • In the Endpoint DLP module in the drop-down menu, go to Configuration > DLP Policies.
  • Select the DLP policy linked to the endpoints that you want to apply a clipboard control prevention policy to.
  • In the Prevention Policies section, go to Clipboard Control. Select the custom policy you created.
  • Click Save to implement the prevention policy to all endpoints linked to this DLP policy.

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     
  • Request additional resources

    Send us your requirements.