Data Loss Prevention

Hi ,  I need the reply very urgently as my mgmt. is aksing . Is it Possible to keep track of a Confidential File via DLP.Keeping track means ,who accessed it ,who read it and who modified it .

HI,

Auditing/Monitoring of User Activity in DLP

https://www-secure.symantec.com/connect/articles/a...

Check this thread

https://www-secure.symantec.com/connect/forums/how-track-personal-information-symantec-dlp

Hi

 audit log will allow you to know who downloaded confidential file from DLP system or who open incident which contains this file. But if you want to keep track of all action performed on a confidential file, you will need an other system to do so as DLP did not control file activity until someone try to copy/sent it outside of your organisation. DLP discover server (use for data at rest) are able to give you information of who create a file and who last modify it (std windows info) but usually it is not enough for what you want to do.

 "Varonis" has a nice tool to do this kind of tracking on file activity (i am sure there is also some other tool but this is the one i use more frequently so i let other people giving you other possibilities).

 Regards

once the appropriate policy is configured the incident will show all the information who voilated the policy.

Yes DLP to track of who accessed the Confidential data via DLP but it will not fulfill all your req.like who read it and who modified it .It will give u who accesed and where it has been sent out/tranferred. for getting more detail you should implements data insights supplementary componentof DLP with data ownere dature enable and DRM technolgy.

endpoint discover can get to know about the files, integration with DI will give better picture.

Hi shybhani,

DI mentions who owns the file, who last viewed , edited .

Pete,

you bring up a very valid point... most people do not buy DI (data insight) when talking DLP.

DI is a tool with tremendous power, properly configured it will giv eyou wa weatlh of knowledge on the use and access fo the file(s) you are working with on a incident for DLP.

Recommend to use data insight to capture all these information.

Can someone explain the components of a DLP Suite .While going for dlp solution ,we were not told about DLP Insight .is it a plugin or separate product .It will be helpful if some one can explain or mention all the DLP related products avaialble from Symantec .

Hi Subhani,

As u asked about Data Insight, please find details followed by below links

https://www-secure.symantec.com/connect/blogs/new-release-symantec-data-insight-301

https://www-secure.symantec.com/connect/videos/sa-b12-symantec-data-insight-improve-unstructured-data-governance-through-insights-data-owner

https://www-secure.symantec.com/connect/videos/sm-b13data-insight-improve-unstructured-data-governance-through-insights-data-ownership-and-u

https://www-secure.symantec.com/connect/videos/improve-data-governance-symantec-data-insight

I am sure now u will get answer of ur query

these are integrations for DLP. Like you can integrate EV , SMg, CCS along with the DLP.

You contatct the Symantec partner or sales for more information on this.