Data Loss Prevention

 View Only

  • 1.  Prevent copy/paste of binary files

    Posted Aug 23, 2016 05:37 PM

    Is it possible to create a rule in DLP to prevent users from copying or pasting binary files to a network share?  i.e. Deny writes to \\server1\shared for *.exe, etc.



  • 2.  RE: Prevent copy/paste of binary files
    Best Answer

    Posted Aug 24, 2016 03:20 AM

    Hello,

     

    If you activate the  "Network Shares / Copy to Network" under Agent Monitoring (System / Agents / Agent Configuration) you will be able to control such traffic, however you can't specify which network path to monitor, so the monitoring will be applied to all network shares.

     

    In terms of policy development, you will need to create a policy rule to detect File Properties -> Message Attachment -> File Type Match -> Other Formats (i.e. .exe it's included). If you have other specific file types to be added, you can create a match by file name and use for instance a wild card -> *.dll

     

    Best regards,

    Morgado 



  • 3.  RE: Prevent copy/paste of binary files

    Posted Aug 24, 2016 04:37 PM

    Thanks Morgado.  Within the policy rule, would I be able to control which network share they cannot write binary data to?



  • 4.  RE: Prevent copy/paste of binary files

    Posted Aug 25, 2016 03:31 AM
    Hello, No you can’t. The policy will be deployed to all network shares. Unfortunately there isn’t an option to define which network share to control or even a possibility to add an exception. Best, Morgado