Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Controlling files inside a directory via DLP Agent

Created: 02 Feb 2013 | 3 comments

Is It possible  that I put all my confidential documents in a folder and let a user read files from that folder but  prevent him  from copying/pasting  or moving out any file from that folder .

 

Comments 3 CommentsJump to latest comment

davjoh's picture

Hi Subhani,

This isn't available for our DLP agent.

The Prevent agent will;

  • Monitor files being downloaded to the endpoint.
  • Monitor/Block copied files to/from a network share

Endpoint Discover can also scan for data at rest on the endpoint

An area you may want to examine is the use of Symantec Critical System Protection (SCSP) or Symantec Endpoint Prevent 12.1 (SEP), that have Host IPS functionality to de-escalate privileges around folders.

DLP Endpoint Prevent could then be used to stop copy from within a document if it contained data breaching a DLP policy.

Kind regards David

 

stumunro's picture

Subhani,

 

the agent does have a have a endpoint block, or a end point user justification. would this suffice?

let me know if this wonit work as there may be some other options to look at.

kishorilal1986's picture

hi Subhani,

First u can assign read only rights to that folder in which u copied all confidentail documents. DLP can help u at endpoint and networks level protection to monitor and block the copy/pasting of your confidentail data.