Data Loss Prevention

Print Friendly, PDF & Email

You can now prevent unauthorized loss, pilferage, or leakage of confidential company data using the Data Loss Prevention (DLP) feature of SEPS.

It is necessary to enable DLP on endpoints. To do this, see Enabling DLP feature.

You can also view a report of the users who attempted to cause the unauthorized leakage of confidential data. See Reports for Data Loss Prevention.

You can either choose to be notified through email notification when an attempt is made to leak information or prevent the attempt from being carried out successfully.

The DLP feature can stop any such unauthorized activity that is carried out through the following Data Transfer Channels:

  • Using the Print Screen option to save the screenshot (Applicable only for Windows platform). The file/data is not monitored.
  • Using Removable Devices to copy data (Applicable only for Windows platform). For selected File Types, the Removable Devices go to ‘Read Only’ mode when ‘Monitor Removable Devices’ option is selected.
  • Using Network Share accessed using UNC Path or Mapped Network Drive (Applicable only for Windows platform).
  • Using the Clipboard to paste information from one application to another.
  • Using printer activity, printing through local and network printer. The file/data is not monitored. (Applicable only for Windows platform)
  • Using online services of third-party Application/Services to send data such as email, file sharing apps, cloud services, Web browsers and other applications using social media.

You can also identify the type of data that you want to monitor such as:

  1. File Types
    • Graphic Files (Audio, Video, Images)
    • Office Files (MS Office, Open Office, Kingsoft Office)
    • Programming Files
    • Some Other File Types (Compressed files etc.)
    • Custom Extension Files
  2. Confidential Data
    • Confidential data such as Credit/Debit Cards
    • Personal information such as Social Security Number (SSN), Email ID, Phone Numbers, Driving License Number, Health Insurance Number, Passport Number, ID, International Banking Account Number (IBAN), Individual My Number, Corporate My Number, Pin Code, Aadhar Number and Vehicle Registration Number.
  3. User Defined Dictionary
    To specify the words/strings that must be flagged if used in communication.

Confidential Data & User Defined Dictionary Data will not be monitored and blocked if it is in the Subject Line or Message Body of email, instant messenger communication.

Add-on Features

The DLP pack contains the following 2 add-on features.

  • File Classification
  • Optical Character Recognition (OCR)

File Classification

When a new Microsoft Office file is generated, DLP asks to classify the file as Confidential or Public.
You can classify existing files also. Files classified as confidential are treated as sensitive files and any operation to leak is blocked/reported as per DLP policy. This is regardless of the content of the file.

Files classified as Confidential will be monitored only for the following Data Transfer Channels,

  • Removable Devices
  • Network Share
  • Application/Online Services

To classify files, follow the given steps:

  1. Log on to the Seqrite Endpoint Security Web console.
  2. Go to Settings > Client settings > Data Loss Prevention.
  3. Select the Enable Data Loss Prevention check box.
  4. In the Add-on Features section, the File Classification check box is enabled by default.
  5. Select the Always show pop-up to classify a new file check box if you want to view pop-up every time when you create a new file.
  6. When you create a new MS Office file, save and close it, a Seqrite File Classification dialog appears. The dialog appears only for MS Office files.
  7. Select the classification level as Public or Confidential.
  8. Click OK.
    The overlay icon of classified file appears as per classification.
    When you copy a file, classify the copied file as per above procedure.

The overlay icon of classified file appears after system or Windows Explorer is restarted after client is installed.

To classify existing files, follow the given steps:

  1. Select the files to be classified. You can select maximum 100 files at a time.
  2. Right click the selected files and select Seqrite File Classification > classification level as Public or Confidential or Unspecified.
    A Seqrite File Classification dialog appears showing result. The lay over icon of classified files appears as per classification.
    You can remove the classification, by selecting Unspecified option.

Manual classification is supported only on NTFS.

Optical Character Recognition (OCR)

Optical Character Recognition feature is disabled by default.

The confidential/user defined data from image files is identified in case of data leak and action is performed as per policy. The image details are mentioned in the DLP report.

OCR supports the following image formats,

  • JPEG (or JPG) – Joint Photographic Experts Group
  • PNG – Portable Network Graphics
  • GIF – Graphics Interchange Format
  • TIFF – Tagged Image File
  • BMP – Bitmap image files

Limitations

  • OCR does not support embedded images scanning.
  • Only Roman (English) alphanumeric script is detected from the images.
  • Only clear and high-quality images are detected by OCR. The blur, distorted, too small or too large images may not be detected.

To enable the OCR feature, follow the given steps:

  1. Log on to the Seqrite Endpoint Security Web console.
  2. Go to Settings > Client settings > Data Loss Prevention.
  3. Select the Enable Data Loss Prevention check box.
  4. In the Add-on Features section, select the Optical Character Recognition (OCR) check box.
    You can view list of supported OS versions for OCR by clicking the link.

OCR feature in DLP is available in Microsoft Windows Vista SP2, Windows 7 SP1, and above Personal computer versions and Windows Server 2008 SP2, Windows Server 2008 R2 SP1, and above Server versions.

  • Data Loss Prevention feature is not available in both EPS Business and Total flavor. User need to purchase a DLP pack separately to avail this feature.
  • Data Loss Prevention feature is not supported with the EPS SME flavor.

Preventing leakage of data

  1. Log on to the Seqrite Endpoint Security Web console.

  2. Go to Settings > Client settings > Data Loss Prevention.Select the Enable Data Loss Prevention check box. You can choose to select the option for an Alert message on the endpoint on which an attempt is made at data leakage.

  3. Select the channels that you want to monitor from the following options:

    • Print Screen (applicable only in Windows platforms)
    • Monitor Removable Devices (applicable only in Windows platforms)
    • Monitor Network Share (applicable only in Windows platforms)
    • Monitor Clipboard
    • Printer Activity (applicable only in Windows platforms)
    • Monitor Data Transfers through Application/Online Services
  4. Select the applications that you want to monitor for attempts at data pilferage by clicking on the Applications drop down list. Do one of the following:
    You can select all the applications in the group.

    • Select the applications one by one after expanding the group caret.
    • Select all Mac platform applications by clicking the Mac group icon.
    • Select all Windows applications by clicking on the Windows icon.
    • Select all Web Browsers or one by one after expanding the group caret.
    • Select all E-mail applications or one by one after expanding the group caret.
    • Select all Instant Messaging applications or one by one after expanding the group caret.
    • Select all File Sharing/Cloud Services applications or one by one after expanding the group caret.
    • Select All Social Other applications or one by one after expanding the group caret.
    • Select All Custom applications or one by one after expanding the group caret.
  5. To configure email SSL settings, select the Enable Email scanning over SSL check box. This is applicable only when you select Email option in the Application / Online Service. Ensure that you perform the procedure to import the certificate for the mail client that you are using. This feature is available only in the clients with Microsoft Windows operating system.

  6. Configure the settings for File Types, Confidential Data, and User Defined Dictionary.

  7. Configure the action to be performed after the attempts is carried out, for example Block and Report or Report only.Alert prompts will not be displayed for Report Only action.

  8. In the Configure Exceptions section, do the following:

    • In the Domains tab, select the Enable domain Exception check box.
    • Select the domains to exclude from Data Loss Prevention.
    • In the Applications tab, select the Enable applications Exception check box.
    • Select the applications to exclude from Data Loss Prevention.
    • In the Network Path tab, select the Enable Network Path Exception check box.
    • Select the Network Path check box to exclude from Data Loss Prevention.
  9. Click Save Policy.

For Mac Client:

  • Confidential & User Dictionary Data will not be blocked in subject line, message body of email or messenger communication.
  • Prompts and report will be generated in case if monitored file type is downloaded.
  • Certain file types (POT, PPT, PPTX, DOC, DOCx, XLS, XLSX, RTF) containing Unicode data will not be blocked.
    Seqrite provides you an advanced scanning feature, Data-At-Rest Scan. With this feature you can search for a particular type of data in various formats.
Was this page helpful?

Leave a Comment