Policy
DataSecurity Plus uses predefined policies to identify endpoint security vulnerabilities in real time.
You can monitor the following security policies using the Endpoint DLP solution:
Data Leak Prevention
Block files containing business-critical data from leaving the network via USBs and email.
File Activity Monitoring
Audit accesses and changes made to files in workstations.
File Copy Auditing
Audit file copy actions by users both within workstations as well as to external storage devices.
File Integrity Monitoring
Detect and respond to unauthorized changes made to sensitive files by users.
Potential Malware Intrusion
Detect potential malware by receiving alerts when safe threshold limits are breached.
Removable Device Auditing
Audit the use of USBs and other removable storage devices.
Sensitive File Activity Monitoring and Response
Receive reports on user activities in files containing sensitive data such as PII and ePHI.
Steps to modify the predefined policies:
- Select Endpoint DLP from the application drop-down and navigate to Configuration > Policies.
- Click the edit icon next to the predefined policy you want to modify.
- In the Applies To field, select the desired groups and devices.
- Add or remove rules configured under Audit Profiles, Alert Profiles, and Prevention Policies.
- Click Save.
Steps to create a new DLP policy:
- Select Endpoint DLP from the application drop-down and navigate to Configuration > Policies.
- Click + Add Policy in the top-right corner.
- Name the policy and include an appropriate description.
- Choose the endpoints that it applies to.
- Choose the rules that you want to add from the Audit Profiles, Alert Profiles, or Prevention Policies section.
- Click Save.
Example: If you want to block sensitive files from being sent as attachments via email, select the Data Leak Prevention - email policy.
Note: The External Device Control Policy will appear in the menu only when a profile is created under that policy.