Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Clipboard control configuration
The Endpoint DLP module in DataSecurity Plus offers prevention policies to thwart and respond to potential file security risks. The clipboard control prevention policy audits and blocks clipboard copy actions triggered within local devices, the organizational network, and removable devices.
There are two steps to preventing copy actions in configured endpoints:
- Create a file copy prevention policy with the block response enabled.
- Map the prevention policy to the DLP policy that has been applied to endpoints.
Note: The default clipboard control prevention policy audits all clipboard copy actions. It cannot be edited or deleted. If you want to modify your responses to copy actions, you must create a new policy and customize it.
Creating a new clipboard control policy
You can create a new policy when you want to block copy actions in select files or in specific endpoints. Follow the steps below to configure a custom copy prevention policy:
- Select Endpoint DLP from the drop-down menu.
- Go to Configuration > Prevention Policies > Clipboard Control.
- Click Create New Policy in the top-right corner.
- Provide the Profile Name and Profile Description.
- Configure the Include and Exclude criteria to set up the conditions for which the profile should be implemented. In addition to the criteria, you can trigger the prevention policy when all parameters are satisfied, or if even just one parameter is met, by configuring the Condition Match rule.
- Click Save and ensure you map the prevention policy to the target endpoints to enforce them.
Note: If multiple clipboard control prevention policies are enforced with varying response actions, the profile with the block response will prevail.
Refer to the examples below to create your own custom prevention policy.
| Target action | Include criteria | Exclude criteria | Response |
| To block all copy actions for file names containing "customer addresses". |
|
- | Audit and block file copy attempts. |
| To block all clipboard file copy actions in all endpoints and removable media devices. |
|
- | Audit and block file copy attempts. |
| To block file copy actions for all files except for Files A and B. |
|
|
Audit and block file copy attempts. |
Notes:
- The Data Source, Object Type, and File/Folder Name criteria are multi-input values, and you can select more than one value under the same parameter.
- Local Drives refers to files that are copied from the local system or any external storage devices connected to it.
- Network Drives refers to file copy actions that take place within the network.
- Removable Drives refers to all detected USBSTOR-based removable media storage devices.
Mapping the clipboard control prevention policy to endpoints
All prevention policies need to be mapped to endpoints to be enforced in them. Follow the steps below to map them to endpoints:
- In the Endpoint DLP module in the drop-down menu, go to Configuration > DLP Policies.
- Select the DLP policy linked to the endpoints that you want to apply a clipboard control prevention policy to.
- In the Prevention Policies section, go to Clipboard Control. Select the custom policy you created.
- Click Save to implement the prevention policy to all endpoints linked to this DLP policy.