I have a question. can you help me in how can i protect users to change the file format that have the DLP agent installed
Hi MC, this is not possible. You cant expect that DLP will do everything for you as every user/organization having diffrent requirement.So considering this the DLP provoding all important and flexible features which needs.
even if the file extension is changed and its violates policy then too there will be incident.
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Even the ppl will change the file format of the file but our DLP scan each packet with deep content monitoring and generate the incident if any confidenial data is tried to sent out.
Even In my previous company i have handled such issues, In that case some user tried to send the data by chaninging its file format but DLP had succesfully detects and generate the incident. To prove the data exist , you have to do some forensics to extract and to show the confidential data as user my denied for the same.