Video Screencast Help

DLP Incident handling methods

Created: 10 Mar 2013 • Updated: 13 Mar 2013 | 4 comments
This issue has been solved. See solution.

Dear All,

please tell me how we can work on incidents that are genrated on DLP and what are the method to handle dlp incidents ?

Comments 4 CommentsJump to latest comment

kishorilal1986's picture

Hi Rajat,

As I am worked for almost 2 yrs for incident management for symantec DLP . I can guide u better.

First u need to design the incident handling and escalation workflow. U can automate the esacalation workflow and start working on it.

U need to assess the incident on daily basis and escalate the incident to the supervisor of user for investigation, Once investigation done and if req keep HR in loop to appropriate actions.

Please refere some below guide

http://www.symantec.com/business/support/index?pag...

https://www-secure.symantec.com/connect/articles/d...

https://www-secure.symantec.com/connect/forums/dlp...

SOLUTION
stephane.fichet's picture

Hi rajat,

 Dont forget to take into account that you may need some seggregation in who is allowed to see what type of incident and that if your working for multinational, end user country has also to be taken into account to ensure you are compliant with local regluations and laws.

 

 regards

kishorilal1986's picture

It depends on what is the incident workflow to handle and escalate the incident. What are the team are includede in this process like HR and ISG team,legal etc...