Data Loss Prevention

 View Only
  • 1.  after OS reinstall and No DLP agent

    Posted Nov 07, 2013 07:47 PM

    My customer's Question about DLP.

     

    Users store data to the D partition. And C partion is OS.

    When User format and reinstall OS on the C partion.

    Then at this time there is no dlp agent.

    User can copy the data from D partion to USB HDD at the new OS.

    In this situation,

    How can prevent data loss?

    PGP is the only solution??

     

    We also talking about NAC.



  • 2.  RE: after OS reinstall and No DLP agent
    Best Answer

    Posted Nov 07, 2013 09:22 PM

    In this case you will need to install the DLP agent Again.

    PGP its a good idea to encrypt the Data.

    Another thing that you can try is block USB Devices with Endpoint Protection or  protect with Endpoint Encryption Device Control

    http://www.symantec.com/business/support/index?page=content&id=TECH175220

    http://www.symantec.com/endpoint-protection-drive-control

     



  • 3.  RE: after OS reinstall and No DLP agent
    Best Answer

    Posted Nov 07, 2013 09:47 PM

    A great question would be why a user in a corporate environment (assuming that is what it is) is allowed to format the hard drive?  Unless the user was using a corporate image with the DLP agent on it, then there would be no agent on that OS.  

    NAC is a possible solution, but it sounds like group policy and user rights might be a good place to start.



  • 4.  RE: after OS reinstall and No DLP agent

    Posted Nov 12, 2013 07:23 AM

    PGP encryption and endpoint protection block solutions



  • 5.  RE: after OS reinstall and No DLP agent

    Trusted Advisor
    Posted Nov 13, 2013 01:06 AM

    If the customer is so concerned about this use case, then do not allow them to have a D partition! Seriously!!

    Security is all about being secure, if they allow there computers to have a D partition then it provides a security risk in ANY situation, not just DLP.

    The only option here is to encrypt the whole drive. Then nothing can access it if it is formatted or someone reinstalls an OS.

    Hope this makes sense.

    If this solves your questions please marked as solved.

    Ronak