Data Loss Prevention

 View Only

  • 1.  Controlling files inside a directory via DLP Agent

    Posted Feb 02, 2013 07:25 AM

    Is It possible  that I put all my confidential documents in a folder and let a user read files from that folder but  prevent him  from copying/pasting  or moving out any file from that folder .

     



  • 2.  RE: Controlling files inside a directory via DLP Agent

    Broadcom Employee
    Posted Feb 04, 2013 08:09 AM

    Hi Subhani,

    This isn't available for our DLP agent.

    The Prevent agent will;

    • Monitor files being downloaded to the endpoint.
    • Monitor/Block copied files to/from a network share

    Endpoint Discover can also scan for data at rest on the endpoint

    An area you may want to examine is the use of Symantec Critical System Protection (SCSP) or Symantec Endpoint Prevent 12.1 (SEP), that have Host IPS functionality to de-escalate privileges around folders.

    DLP Endpoint Prevent could then be used to stop copy from within a document if it contained data breaching a DLP policy.

    Kind regards David

     



  • 3.  RE: Controlling files inside a directory via DLP Agent

    Posted Feb 04, 2013 01:43 PM

    Subhani,

     

    the agent does have a have a endpoint block, or a end point user justification. would this suffice?

    let me know if this wonit work as there may be some other options to look at.



  • 4.  RE: Controlling files inside a directory via DLP Agent

    Posted Feb 06, 2013 04:10 AM

    hi Subhani,

    First u can assign read only rights to that folder in which u copied all confidentail documents. DLP can help u at endpoint and networks level protection to monitor and block the copy/pasting of your confidentail data.