截屏视频帮助

Controlling files inside a directory via DLP Agent

创建时间: 02 2 月 2013 | 3 条评论

Is It possible  that I put all my confidential documents in a folder and let a user read files from that folder but  prevent him  from copying/pasting  or moving out any file from that folder .

评论 条评论跳转至最新评论

davjoh 的图片

Hi Subhani,

This isn't available for our DLP agent.

The Prevent agent will;

  • Monitor files being downloaded to the endpoint.
  • Monitor/Block copied files to/from a network share

Endpoint Discover can also scan for data at rest on the endpoint

An area you may want to examine is the use of Symantec Critical System Protection (SCSP) or Symantec Endpoint Prevent 12.1 (SEP), that have Host IPS functionality to de-escalate privileges around folders.

DLP Endpoint Prevent could then be used to stop copy from within a document if it contained data breaching a DLP policy.

Kind regards David

stumunro 的图片

Subhani,

the agent does have a have a endpoint block, or a end point user justification. would this suffice?

let me know if this wonit work as there may be some other options to look at.

kishorilal1986 的图片

hi Subhani,

First u can assign read only rights to that folder in which u copied all confidentail documents. DLP can help u at endpoint and networks level protection to monitor and block the copy/pasting of your confidentail data.