Here’s how to test and validate your DLP policies
We’ve released a new useful tool that will help you test if your Data Loss Prevention (DLP) policies are working correctly. Use DLP Policy Testing to validate and check the effectiveness of the DLP solution you have in place and ensure the security of your sensitive data.
DLP solutions help prevent data leaks, data loss, and data theft by monitoring and controlling possible exit points. These can be data transfers through email, uploads to the cloud, or collaboration apps, copying sensitive data to removable devices, and many more.
As a leading DLP provider, we at Endpoint Protector by CoSoSys, have developed a tool that will help you and potential customers test and validate DLP policies. Using it lets you check if your DLP solution has been installed properly and if the DLP policies have been defined correctly. This means that our tool will help you with data security testing and will demonstrate if your data is protected.
To test and validate DLP policies, you’ll need sample data. For this, you can upload your own data or use one of the sets we provide on the page. Our data sets contain sensitive information such as name, credit card number, or social security number, and are available in different formats (HTML, PDF, XLS, and CSV). If you upload your own data, we won’t store it.
In case your DLP solution works correctly and an action breaches your policy, it will be blocked.
What DLP tests can you perform?
Our tool offers three types of tests:
- HTTP Post
- HTTPS Post
- FTP Test
HTTP Post is a request method largely implemented in HTML files for submitting filled-in forms, updating databases, and uploading files to the server. Used by social media sites, blogs, forums, web-based emails, and more, the Post method is the most common way data is leaked over web pages. That’s because sensitive data can be easily lost when completing a web form or uploading a file to a web server. With this test, you can check if your DLP policies can block this type of action. If your data security product works correctly, a block page will be displayed.
The HTTPS Post test allows you to check if your DLP solution is able to block HTTPS form fills and file uploads. HTTPS Post is a request method supported by the HTTPS protocol for submitting filled-in forms, updating databases, and uploading files to the server.
For a complete Data Loss Prevention Test, you should do both an HTTP Post Test and HTTPS Post Test.
File Transfer Protocol (FTP) is an unsecure way to transfer files and does not meet compliance requirements of data protection standards. This means that the information sent via this channel can be vulnerable.
We provide a public FTP that you can use to upload test DLP files. The files will only be stored for 2 minutes before being deleted. With the FTP test, you can check if your DLP solution is able to block FTP file transfers.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.