Data Loss Prevention

 View Only

  • 1.  DLP 11.5

    Posted May 29, 2012 04:51 PM

    I'm running a test lab for Symantec DLP and testing high-level scenarios. I figured out how to block confidential content from being emailed and discoverd. However, I am not able to figure out how to generate incidents if the items are copied using a "Dropbox".

     

    Does anyone know how I should configure my policies and response rules to block Dropbox using DLP?

     

    Please advise,

    Thanks,

    Dennis



  • 2.  RE: DLP 11.5

    Posted May 29, 2012 10:06 PM

    To block files from being copied to the Dropbox folder, you will have to use the "copy to hard drive" protocol in your response rule. Please ensure that the copy to hard drive protocol is monitored under the Agent Configuration (under System menu).



  • 3.  RE: DLP 11.5
    Best Answer

    Posted May 30, 2012 10:04 AM

    I did not see a "Copy to Hard Drive" option...there is a "Copy Stored File" option. However I was able to get it to work as follows:

    * I added the DropBox.exe under the Application Monitoring section in combination with settings defined under the "Block Copy to Removable Media", "Block Web Communication" and "Remove Web Content" due to other areas to protect as well.

    Hope this helps!

    Thanks,

    Dennis