Data Loss Prevention


You can prevent unauthorized loss, pilferage, or leakage of confidential company data using the Data Loss Prevention (DLP) feature.
It is necessary to enable DLP on endpoints. To do this, see DLP.
The DLP policy can stop an unauthorized activity that is carried out through the following channels:

  • Using the Print Screen option to save the screenshot (Applicable only for Windows platform). The file/data is not monitored.
  • Using Removable Devices to copy data (Applicable only for Windows platform)
  • For selected File Types, the Removable Devices go to ‘Read Only’ mode when the ‘Monitor Removable Devices’ option is selected.
  • Using Network Share accessed using UNC Path or Mapped Network Drive (Applicable only for Windows platform).
  • Using the Clipboard to paste information from one application to another.
  • Using printer activity, printing through local and network printer. The file/data is not monitored. (Applicable only for Windows platform)
  • Using third-party applications and online services to send data, such as email, file sharing apps, cloud services, Web browsers and other applications using social media.

Note
You need to purchase a DLP pack separately to use this policy.


To configure policy for Data Loss Prevention, follow these steps:

  1. Create a Container/feature policy for Data Loss Prevention.
  2. On the Feature Policy page, you can see a list of settings, each with an expand sign and a toggle button. Expand and enable the settings that you want to configure.

    • Data Loss Prevention
    • Add-on features
    • Data Transfer Channels
    • Data Settings
    • Exceptions
  3. Enable Data Loss Prevention. Select the Display alert message on DLP policy violation check box.
  4. Select Action to configure the action to be performed after an attempt is made, either Report only or Block and Report. Alert prompts are not displayed for the Report Only action.
  5. In the Add-on section, the following two add-on features are available:
    • File Classification
    • Optical Character Recognition (OCR)
    • Select the Always show pop-up to classify a new file check box if you want to see the pop-up every time you create a new file.
    • Select the Optical Character Recognition (OCR) check box. You can view the list of supported OS versions for OCR by clicking the Supported OS list link.

    File Classification
    When a new Microsoft Office file is created, DLP asks you to classify the file as Confidential or Public. You can also classify existing files. Files classified as Confidential are treated as sensitive files, and any operation that would leak them is blocked or reported as per the DLP policy, regardless of the content of the file.
    Files classified as Confidential are monitored only for the following Data Transfer Channels:

    • Removable Devices
    • Network Share
    • Application/Online Services

    Select the Always show pop-up to classify a new file check box if you want to see the pop-up every time you create a new file.

    1. When you create a new MS Office file and then save and close it, a Seqrite File Classification dialog appears. The dialog appears only for MS Office files.
    2. Select the classification level as Public or Confidential.
    3. Click OK.

    The overlay icon of a classified file appears as per its classification.
    When you copy a file, classify the copied file using the same procedure.

    Note
    The overlay icon of a classified file appears only after the system or Windows Explorer is restarted following client installation.

    To classify existing files, follow the given steps:

    1. Select the files to be classified. You can select a maximum of 100 files at a time.
    2. Right-click the selected files and select Seqrite File Classification > classification level as Public, Confidential, or Unspecified.
      A Seqrite File Classification dialog appears showing the result. The overlay icon of the classified files appears as per their classification.
      You can remove the classification by selecting the Unspecified option.

    Note
    Manual classification is supported only on NTFS.

    Optical Character Recognition (OCR)
    The Optical Character Recognition feature is disabled by default.
    When a data leak is attempted, confidential or user-defined data in image files is identified and the action is performed as per the policy. The image details are included in the DLP report.
    OCR supports the following image formats:

    • JPEG (or JPG) – Joint Photographic Experts Group
    • PNG – Portable Network Graphics
    • GIF – Graphics Interchange Format
    • TIFF – Tagged Image File
    • BMP – Bitmap image files

    Note
    OCR is applicable only for the following Data Transfer Channels:

    • Removable Devices
    • Network Share
    • Application/Online Services

    Limitations

    • OCR does not support scanning of embedded images.
    • Only Roman (English) alphanumeric script is detected from the images.
    • Only clear and high-quality images are detected by OCR. Blurred, distorted, too small, or too large images may not be detected.

    Note
    The OCR feature in DLP is available on Microsoft Windows Vista SP2, Windows 7 SP1, and later personal computer versions, and on Windows Server 2008 SP2, Windows Server 2008 R2 SP1, and later server versions.

  6. Expand Data Transfer Channels. Select the channels that you want to monitor from the following options:

    • Print Screen (applicable only in Windows platforms)
    • Removable Devices (applicable only in Windows platforms)
    • Network Share (applicable only in Windows platforms)
    • Clipboard
    • Printer Activity (applicable only in Windows platforms)
    • Application/Online Services
  7. Select the applications that you want to monitor for attempts at data pilferage by clicking the Applications list. You can select all the applications in a group, or do one of the following:

    • Select the applications one by one after expanding the group caret.
    • Select all Mac platform applications by clicking the Mac group icon.
    • Select all Windows applications by clicking on the Windows icon.
    • Select all Web Browsers or one by one after expanding the group caret.
    • Select all E-mail applications or one by one after expanding the group caret.
    • Select all Instant Messaging applications or one by one after expanding the group caret.
    • Select all File Sharing/Cloud Services applications or one by one after expanding the group caret.
    • Select All Social Media/Others applications or one by one after expanding the group caret.
  8. To configure email SSL settings, select the Enable Email scanning over SSL check box. This is applicable only when you select the Email option in Application/Online Services. Ensure that you perform the procedure to import the certificate for the mail client that you are using. This feature is available only on clients with the Microsoft Windows operating system.
  9. Expand Data Settings to configure the settings for File Types, Confidential Data, and User Defined Dictionary.
  10. Select the Monitor File Types check box. Select the File Types caret from the following:

    • Graphic Files (Audio, Video, Images)
    • Office Files (MS Office, Open Office, Kingsoft Office)
    • Programming Files
    • Other Files (Compressed files etc.)
  11. To add the Custom Extensions, do the following:

    1. Select the Custom Extensions check box.
    2. Click the Add button. The Add Custom Extensions dialog appears.
    3. Type an extension in the text box and press Enter.
    4. Click Add.
      You can delete a custom extension using the delete icon.
  12. Select the Monitor Confidential Data check box. Select the Confidential data carets from the following:

    • Confidential data such as Credit/Debit Cards
    • Personal information such as Social Security Number (SSN), Email ID, Phone Numbers, Driving License Number, Health Insurance Number, Passport Number, ID, International Banking Account Number (IBAN), Individual My Number, Corporate My Number, Pin Code, Aadhar Number, Vehicle Registration Number, Drug Enforcement Agency Number, Australia Tax File Number, Australian Business Number, and Australia Medical Account Number.
    • Select the Monitor User Defined Dictionary check box. The User Defined Dictionaries are created at Data Loss Prevention.
    • The words/strings must be flagged if used in communication.

      Note
      You can either choose to be notified through email notification when an attempt is made to leak information, or prevent the attempt from being carried out successfully.

  13. Expand Action to configure the action to be performed after an attempt is made, either Block and Report or Report only. Alert prompts are not displayed for the Report Only action.
  14. Expand Exceptions. To add the domain names that you want to exclude from Data Loss Prevention, do the following:

    1. Enter the domain name in the text box.
    2. Click Add. You can see the list of domain names. You can edit, delete and export the domain names.
    3. To import domain names, click Import. The File Upload dialog appears.
    4. Select the valid exported domain data file.
    5. Click Open. The database file is imported.
  15. Note

    • Domain Exceptions support the Windows platform only.
    • Domain Exceptions support Microsoft Outlook and Thunderbird email clients only.
    • If sender and receiver are from different domains, add both domain names in Domain Exception.
  16. In Application Whitelisting, you can import applications in .dat file format to exclude them from Data Loss Prevention. Do the following:

    1. To download the DLP Application Whitelisting Tool, click Download.
    2. After downloading the Whitelisting Tool, add the applications for DLP whitelisting in the tool.
    3. Generate the DLPAppWhiteList.dat file.
    4. Click Import to import the DLPAppWhiteList.dat file. The applications are whitelisted.
  17. To add the network paths, do the following:

    1. Enter the Network path in the text box.
    2. Click Add.
    3. You can see the list of Network paths. You can edit, delete and export the Network paths.
    4. To import Network paths, click Import. The File Upload dialog appears.
    5. Select a valid exported network share data file.
    6. Click Open. The database file is imported.

      Note

      • Network path supports the Windows platform only.
  18. Click Save Policy.

    Note
    For Mac Client:

    • Confidential & User Dictionary Data will not be blocked in the subject line or message body of email or messenger communication.
    • Prompts and reports will be generated if a monitored file type is downloaded.
    • Certain file types (POT, PPT, PPTX, DOC, DOCX, XLS, XLSX, RTF) containing Unicode data will not be blocked.
    • Seqrite provides an advanced scanning feature, Data-At-Rest Scan. With this feature you can search for a particular type of data in various formats.
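
One way to prepare test content for step 12 (Monitor Confidential Data and Monitor User Defined Dictionary), given here as an added example that is not Seqrite's code: the script reports which data categories a test document contains, so you know what a policy set to Report only should log for it. The product's own matching rules are not described on this page; the Luhn and IBAN checks, the dictionary entries and the sample text are assumptions.

```python
import re

# Hypothetical dictionary entries; the real ones are created under Data Loss Prevention.
USER_DICTIONARY = {"project falcon", "merger draft"}

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")           # digits with optional separators
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b")  # country, check digits, account


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def iban_ok(iban: str) -> bool:
    """ISO 13616 check: move the first four characters to the end,
    map letters to 10..35, and require the number mod 97 to equal 1."""
    rearranged = iban[4:] + iban[:4]
    return int("".join(str(int(c, 36)) for c in rearranged)) % 97 == 1


def expected_findings(text: str) -> dict:
    """Return the data categories present in a test document."""
    cards = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            cards.append(digits)
    ibans = [m.group() for m in IBAN_RE.finditer(text) if iban_ok(m.group())]
    lowered = text.lower()
    words = sorted(w for w in USER_DICTIONARY if w in lowered)
    return {"cards": cards, "ibans": ibans, "dictionary": words}


# Constructed sample: a widely used test card number, the standard example IBAN,
# a dictionary phrase, and a 16-digit order number that fails the Luhn check.
SAMPLE = ("Card 4111 1111 1111 1111, IBAN GB82WEST12345698765432, "
          "re: Project Falcon, order 1234567812345678")

if __name__ == "__main__":
    print(expected_findings(SAMPLE))
```

Comparing this output with the DLP report for the same file shows whether the policy logs the categories you expect and ignores look-alike numbers such as the order number.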