Data Loss Prevention

 View Only

  • 1.  Drag and drop sensitive text

    Posted May 31, 2016 09:05 AM

    Hi all

    is there any way to block drag and drop confidential information. not copy paste- drag and drop. abaut clipboard i know, endpoint prevent can block but drag and drop texts not block. is there any solutions?



  • 2.  RE: Drag and drop sensitive text

    Posted Jun 01, 2016 03:22 AM

    Hi Sevak,

    Let's take one Example for your question.

     

    1. Create a policy wich blocks confidential word from leaving an organization.

    2. Your Word Document contains a confidential word.

    3. Open your browser (Firefox) => open docs.google.com (Where we can drag the confidential data )

    4. try to drag and drop Confidential data from word doc to google doc.( DLP will definitely block it ) 

     

    Or You may haven't configured the policy correctly.

     

    Regards,

    Hardeepsinh



  • 3.  RE: Drag and drop sensitive text

    Posted Jun 01, 2016 03:31 AM

    Hi, thank you , for answer

    lets to tell exaple, that not block

    1. open confidetnial text (source codes, or words)

    2. open firefox and go to pastebin.com, cryptobin.com... etc. there is milion sites like this

    3.drag confidential text and drop this sites

    you see, thats not block anything, and confidential info leave company(( maybe am i wrong ?  i think SDLP not monitor drag and drop channel

    if you know how can prevent or monitor this channel, let me know please

     

    Best Regards

    Sevak



  • 4.  RE: Drag and drop sensitive text

    Posted Jun 01, 2016 03:43 AM

    Okay, I tried same at my TestLab.

     

    Yes the data get copied in Pastebin.com but here is the catch

     

    As soon as you click Paste it ( Upload Button ) 

    It Will block the Connection.

    See below Screenshot.

    Screen1.png



  • 5.  RE: Drag and drop sensitive text

    Posted Jun 01, 2016 04:31 AM

    Thank you, for answer

    problem is this, that we can drag text in sites. its mean, that drag channel not monitored.

    if you drag confidential text to cryptobin.co  you can upload it,without any problem. its will encript your confidential text on browser. and like this site there is milion.

    problem is- MONITOR CHANNEL DRAG.

    If you have other idea abaut this, please let me know. becouse its very problem.

     

    Thank you for answer

    BR

    Sevak



  • 6.  RE: Drag and drop sensitive text

    Posted Jun 01, 2016 04:48 AM

    Hi Sevak, in simple and in single line. yes it can block drag and drop content as long as the content is defined to block in your policy.



  • 7.  RE: Drag and drop sensitive text

    Posted Jun 02, 2016 07:15 AM

    Hello!

    thank you for answer.

    its not block  drag and drop text. please test to drag confidential text and drop anywere. Dlp only can block after upload. it is problem, becouse you can drag confidential text in crybtonin.co and send anywhere. like cryptobin. co site there is thousands.

    if you have other idea abaut this let me know please.



  • 8.  RE: Drag and drop sensitive text
    Best Answer

    Posted Jun 15, 2016 04:01 AM

    Hello Sevak,

     

    I believe the easier solution here is to block via proxy the access to these types of websites (companies like Blue Coat offer services which contains updated lists of urls based on a category -  actually this company is being acquired by Symantec).

     

    Regards,

    M



  • 9.  RE: Drag and drop sensitive text

    Posted Jun 15, 2016 04:08 AM

    Hello dear

    thank you for answer.

    its mean, that we can only block addreses like this, and we dont have any way to  control channel drag and drop?



  • 10.  RE: Drag and drop sensitive text

    Posted Jun 15, 2016 11:46 AM

    that's right.