Data Loss Prevention

Dear All,

One of our customers asked me about the protection of metadata or the keywords from removing attempt. They have DLP that check the tag of the files, and as per policy it prevents printing or sending of the file to outside, the issue is if an educated user could know this policy and delete the tag file or any keyword and send the files to outside DLP will not prevent him.

The question is how DLP can help at this point. 

Hi Amir,

Please refer 

Data insights solution and VML detection technology of Syamntec DLP.

above can help u .

http://www.symantec.com/articles/article.jsp?aid=20110210_how_symantec_uses_machine_learning_to_find_and_protect_data

Hi amir,

 Your customer need to work with his business teams in order to identify sensitive data (instead of only document) and characterize them in order to define some DLP policy. We did that for several customer in order to "fully" cover data leakage risk for their most sensitive data.

Regards  

Here is in lies the issue..

Meta Tagging of files is a good thing, but you should also have policies that are looking for the actual content that is most important to the customer (SSN's, PCI, and Keywords)

So they should have a couple of policies, one that looks for the content alone, MetaData & the content, in addition to just the MetaData.

You need to have policies that cover the gambit of ways to detect information, not just one

Ronak

Thanks to all,

I’m thinking about integrate DLP and RMS "using Gigatrust", so if the document is tagged as conditional then DLP will use gigatrust to secure the document by sign it. ... Do you think it make sense?

If yes, then how can get flex response for Gigatrust which is mentioned here

http://www.gigatrust.com/symantec.shtml

Dear Amir,

As u asked for some solution for which I have provided to u solution as per your query.

u can do with metadata using Symantec Data Insights.

ops I can mark two solution :(

thank you sharma, and all,

what do you thing about my comments?