How Content Aware Protection Works?

Description

Content-aware data loss prevention is a data loss-prevention measure that involves awareness of the context or content that is being protected. This module enables the dynamic application of policy based on the content and context at the time of an operation. These tools are used to address the risk of inadvertent or accidental leaks, or exposure of sensitive enterprise information outside authorised channels, using monitoring, filtering, blocking and remediation features.

Transcript

Hi! My name is Natalie, and today I will talk about the Content Aware Protection module of Endpoint Protector.

The Content Aware Protection module allows you to control the files transferred over the internet or over the network through various exit points and online applications.

In order to use it, a policy has to be created. First, we have to choose the Operating System of the computers this policy will be applied to: Windows, macOS or Linux. The distinction is imperative, since there are applications that are supported by one Operating System, and not supported by the other, - for instance, Internet Explorer is supported by Windows, and not supported by macOS or Linux.

Then, we give the policy a Name, a Description; choose the Policy Action: "Block & Report”, "Report Only" or "Block Only”. Under “Policy Exit Points”, we select the channels that we want to control the transfer of confidential information through: applications such as web browsers, e-mail clients, instant messaging apps, cloud services/file sharing apps and others.

Data transfers to USB Storage Devices, Network Share and Clipboard can also be monitored. Under "Policy Blacklists”, the sensitive information can be defined based on file type or based on content. There is a large number of file types you can choose from: Graphic Files, Office Files, Archive Files, Media Files, Source Code Files and others.

If you want to be more specific about the information that you want to protect, you can define the sensitive data based on file content. Under “Predefined Content”, some Personally Identifiable Information is available for selection, such as Credit Card Numbers, E-mail addresses, Social Security Numbers and others.

The confidential content can be customized, as well, - by creating a custom Blacklist Dictionary, and then selecting that dictionary inside the Content Aware Policy. The dictionary can be created from “Blacklists and Whitelists” -> “Blacklists”.

Other filters for defining the classified data include File Name, Regular Expression and HIPAA.
After the policy has been defined, it will have to be applied to Departments, Groups, Computers or Users, - by selecting their corresponding boxes from the lists.

Now, for the purpose of this demonstration, we will block the upload of PDF files, and files that contain Credit Card Numbers to Chrome web browser. We will create a policy that will block and report the transfer of files through Chrome, select “PDF" from inside the "File Type" filter, and “Credit Card Numbers” from the “Predefined Content Filter” tab. Apply the policy to my User, and save it.
This is what the result would look like.

That was the Content Aware Protection module of Endpoint Protector.
Thank you for your attention!

Transcribe_404: [videos_other]

How eDiscovery Works?

eDiscovery scans and identifies the confidential information in organizations’ endpoints and allows Administrators to take remediation actions like encrypting or deleting data at rest. It addresses both internal and external threats – unauthorized employees storing sensitive data on their computers and attackers which manage to bypass the network defense and try to get a hold of the company’s records

Cómo funciona eDiscovery?

eDiscovery escanea e identifica la información confidencial en los equipos de las organizaciones y permite a los Administradores tomar medidas de remediación, como cifrar o borrar los datos en reposo. Está direccionado tanto para las amenazas internas, como para las amenazas externas - empleados no autorizados que almacenan datos confidenciales en sus equipos y atacantes que intentan evitar la defensa de la red e intentan obtener un asimiento de los registros de la empresa.

Comment est-ce que fonctionne le Module eDiscovery?

eDiscovery va analyser et identifier les informations confidentielles qui se trouvent sur les ordinateurs de l’entreprise et va permettre aux administrateurs de prendre des mesures correctives telles que le cryptage ou la suppression des données. Il traite à la fois les menaces internes et externes – les employés non autorisés qui vont stocker des données sur leurs ordinateurs et aussi les attaquants qui vont essayer de copier les dossiers de l'entreprise.

How Enforced Encryption Works?

Enforced Encryption allows IT Administrators to extend their Device Control policy and make sure all confidential data transferred to USB storage devices is automatically encrypted. The solution can be used on both macOS and Windows computers.

Comment est-ce que fonctionne le Cryptage Renforcé?

Le Cryptage Renforcé permet aux administrateurs d'étendre leur stratégie de Contrôle des Dispositifs et de s'assurer que toutes les données confidentielles transférées sur des dispositifs de stockage USB sont automatiquement cryptées. La solution peut être utilisée sur les ordinateurs macOS et Windows.

¿Cómo funciona el módulo de Cifrado Forzado de USBs?

El Cifrado Forzado permite a los administradores de TI extender su política de Control de Dispositivos y asegurarse de que todos los datos confidenciales transferidos a dispositivos de almacenamiento USB se cifren automáticamente. La solución se puede utilizar en computadoras macOS y Windows.

How Content Aware Protection Works?

Content-aware data loss prevention is a data loss-prevention measure that involves awareness of the context or content that is being protected. This module enables the dynamic application of policy based on the content and context at the time of an operation. These tools are used to address the risk of inadvertent or accidental leaks, or exposure of sensitive enterprise information outside authorised channels, using monitoring, filtering, blocking and remediation features.

¿Cómo funciona Content Aware Protection?

El control de archivos por contenido es una medida de Prevención de Pérdida de Datos que implica conocer el contexto o el contenido que se está protegiendo. Este módulo permite aplicar políticas basadas en el contenido y contexto cuando se intenta enviar un archivo. Estas herramientas se utilizan para abordar el riesgo de fugas de datos involuntarias o la exposición de información confidencial fuera de los canales autorizados, utilizando las funciones de monitoreo, filtrado, bloqueo y remediación.

Comment est-ce que fonctionne la Protection de Contenu?

Le Module de Protection de Contenu vous permet un contrôle détaillé concernant les données de l’entreprise qui sont transférés de vos ordinateurs. Grâce à une inspection minutieuse du contenu, les transferts de documents importants de la société sont consignés et rapportés. Les transferts de fichiers peuvent être autorisés ou bloqués en fonction de stratégies d'entreprise prédéfinies. Vous pouvez appliquer les restrictions pour les transferts en utilisant les navigateurs, le courrier électronique, les applications et services de partages de fichiers, etc.

How Device Control Works?

See how you can lockdown, control and monitor USB and peripheral ports to stop data theft and data loss. Our Device Control protects against data loss by monitoring and controlling data transfers from PCs to removable storage devices such as USB drives.

¿Cómo funciona el módulo de Control de Dispositivos?

Vea cómo puede bloquear, controlar y monitorizar puertos USB y periféricos para detener el robo y la pérdida de datos. Nuestro módulo de Control de Dispositivos protege contra la pérdida de datos monitorizando y controlando las transferencias de datos desde computadoras a dispositivos de almacenamiento extraíbles, como unidades USB.

Comment est-ce que fonctionne le Contrôle de Dispositifs?

Voyez comment verrouiller, contrôler et surveiller les ports USB et les périphériques pour empêcher le vol et à la perte de données. Notre module de Contrôle de Dispositifs protège contre la perte de données en surveillant les transferts de données de l’ordinateur vers des périphériques de stockage amovibles tels que les clés USB.

Wie funktioniert eDiscovery?

eDiscovery scannt und identifiziert die vertraulichen Informationen auf den Endpunkten von Unternehmen und ermöglicht es Administratoren, Abhilfemaßnahmen wie die Verschlüsselung oder das Löschen von Daten im Ruhezustand durchzuführen. Es adressiert sowohl interne als auch externe Bedrohungen - unbefugte Mitarbeiter, die sensible Daten auf ihren Computern speichern, und Angreifer, die es schaffen, die Netzwerkabwehr zu umgehen und versuchen, die Aufzeichnungen des Unternehmens in die Finger zu bekommen.

Wie funktioniert erzwungene Verschlüsselung?

Mit erzwungener Verschlüsselung können IT-Administratoren ihre Device Control-Richtlinien erweitern und sicherstellen, dass alle vertraulichen Daten, die auf USB-Speichermedien übertragen werden, automatisch verschlüsselt werden. Die Lösung kann sowohl auf MacOS- als auch auf Windows-Computern eingesetzt werden.

Wie funktioniert Content Aware Protection?

Content Aware Protection ist eine Maßnahme zur Verhinderung von Datenverlust, die das Bewusstsein für den Kontext oder die Inhalte fördert, die geschützt werden sollen. Dieses Modul ermöglicht die dynamische Anwendung der Richtlinie basierend auf dem Inhalt und Kontext zum Zeitpunkt einer Operation. Diese Tools werden eingesetzt, um das Risiko von unbeabsichtigten oder versehentlichen Lecks oder der Offenlegung sensibler Unternehmensinformationen außerhalb autorisierter Kanäle durch Überwachungs-, Filter-, Sperr- und Abhilfemaßnahmen zu verringern.

Wie funktioniert Device Control?

Erfahren Sie, wie Sie USB- und Peripherieanschlüsse sperren, steuern und überwachen können, um Datendiebstahl und Datenverlust zu verhindern. Unsere Device Control schützt vor Datenverlust, indem sie den Datentransfer von PCs zu Wechselspeichern wie USB-Laufwerken überwacht und steuert.

User Remediation - Endpoint Protector by CoSoSys

User Remediation is an important new feature that can be applied to your DLP policies in Endpoint Protector 5.4.0.0. If enabled, your users will be able to override the DLP policy, adding a justification for doing so.

Currently available for the Content Aware Protection module, this feature significantly improves the experience for your end-users and reduces the time your admin team spends responding to tickets and requests to bypass a policy restriction.