Data Loss Prevention

Hello all,

I'm new to Symantec DPL and I'm trying to develop some policies for testing purposes.

So far i have the Enforce Server connected to an Endpoint Protection & Discover Server and to a Network Monitor Server. I'm looking to block users from sending email with sensitive data as well to send a notification email when a policy violation is detected.

Hi there, please have a look through these resources.

Informative links here: 

https://www-secure.symantec.com/connect/forums/demo-dlp-video-tutorials-documentation-how-tos

Symantec DLP Knowledgebase:

https://www-secure.symantec.com/connect/blogs/symantec-dlp-knowledgebase

Let me know if you need further info. Cheers.

This is truly a late comment but basically, developing a block policy is a stepped process :

1. Monitor: to see if it is detecting as it should.

2. Analyze results:   what you are finding? - broken business process, inappropriate employee use, appropriate use that should be used as an exception. Write smart responses to help bucket your results including one that sends a message to employees (prior approval by HR and legal required).

3. Once you have warned employees, used your company's communication vehicles to let people know that a specific behavior will not longer be allowed and provided them with an appropriate way of doing the same thing, then.....and only then......should you put it on block.