Data Loss Prevention

We want incidents to be created if policies are violated when documents are sent to the printer, but need a way to prevent them from being created when they are being printed to a PDF only.

Hi Jim,

Please refer,

U can exclude the file type exclusion for .pdf file types in Policy. Also read below for more details

https://www-secure.symantec.com/connect/forums/dlp-print-monitor-how-it-works

Thanks for the response.

In our scenario, we don't want to exclude PDF's, we only want to exclude when a user goes through the Print option in word to created a PDF through PDF Factory Pro.  We had hoped we could create application monitoring for PDF Factory Pro to exclude these instances, but we can't.  The application is still word, only the printer shows up as PDF Factory Pro, and we can't exclude based on the printer name.

Thanks

 

Hi Jim, Detection begins when a user clicks "Print." Even if the print job is subsequently canceled, if sensitive data is discovered, an incident is generated. This is expected behavior.

I have wondered the same thing also on this as my company has a number of people that print to pdf. So far the only solution around it is to have the employees do a save as to pdf.

Yes - it would be nice if you didn't have to change your business processes because of the tool that is supposed to help you find and fix broken business processes...

Ideally, we could get a solution that would allow to either

1. Exclude incidents from being created when the printer name is PDF Factory Pro, or any other printer name for that matter

or

2. Allow us to automatically close those incidents so that our teams that review incidents wouldn't have to review and respond to them.