How Content Aware Protection Works?

Description

Content-aware data loss prevention is a data loss-prevention measure that involves awareness of the context or content that is being protected. This module enables the dynamic application of policy based on the content and context at the time of an operation. These tools are used to address the risk of inadvertent or accidental leaks, or exposure of sensitive enterprise information outside authorised channels, using monitoring, filtering, blocking and remediation features.

Transcript

Hi! My name is Natalie, and today I will talk about the Content Aware Protection module of Endpoint Protector.

The Content Aware Protection module allows you to control the files transferred over the internet or over the network through various exit points and online applications.

In order to use it, a policy has to be created. First, we have to choose the Operating System of the computers this policy will be applied to: Windows, macOS or Linux. The distinction is imperative, since there are applications that are supported by one Operating System, and not supported by the other, - for instance, Internet Explorer is supported by Windows, and not supported by macOS or Linux.

Then, we give the policy a Name, a Description; choose the Policy Action: "Block & Report”, "Report Only" or "Block Only”. Under “Policy Exit Points”, we select the channels that we want to control the transfer of confidential information through: applications such as web browsers, e-mail clients, instant messaging apps, cloud services/file sharing apps and others.

Data transfers to USB Storage Devices, Network Share and Clipboard can also be monitored. Under "Policy Blacklists”, the sensitive information can be defined based on file type or based on content. There is a large number of file types you can choose from: Graphic Files, Office Files, Archive Files, Media Files, Source Code Files and others.

If you want to be more specific about the information that you want to protect, you can define the sensitive data based on file content. Under “Predefined Content”, some Personally Identifiable Information is available for selection, such as Credit Card Numbers, E-mail addresses, Social Security Numbers and others.

The confidential content can be customized, as well, - by creating a custom Blacklist Dictionary, and then selecting that dictionary inside the Content Aware Policy. The dictionary can be created from “Blacklists and Whitelists” -> “Blacklists”.

Other filters for defining the classified data include File Name, Regular Expression and HIPAA.
After the policy has been defined, it will have to be applied to Departments, Groups, Computers or Users, - by selecting their corresponding boxes from the lists.

Now, for the purpose of this demonstration, we will block the upload of PDF files, and files that contain Credit Card Numbers to Chrome web browser. We will create a policy that will block and report the transfer of files through Chrome, select “PDF" from inside the "File Type" filter, and “Credit Card Numbers” from the “Predefined Content Filter” tab. Apply the policy to my User, and save it.
This is what the result would look like.

That was the Content Aware Protection module of Endpoint Protector.
Thank you for your attention!

Other data security videos

How eDiscovery Works?

eDiscovery scans and identifies the confidential information in organizations’ endpoints and allows Administrators to take remediation actions like encrypting or deleting data at rest. It…

How Enforced Encryption Works?

Enforced Encryption allows IT Administrators to extend their Device Control policy and make sure all confidential data transferred to USB storage devices is automatically encrypted.…

How Content Aware Protection Works?

Content-aware data loss prevention is a data loss-prevention measure that involves awareness of the context or content that is being protected. This module enables the…

How Device Control Works?

See how you can lockdown, control and monitor USB and peripheral ports to stop data theft and data loss. Our Device Control protects against data…

GDPR Essentials

This video offers a brief overview of what GDPR (General Data Protection Regulation) is and how it translates into actual measures for companies. Find out…

How Endpoint Protector DLP can secure your data on Linux endpoints

See how you can setup Data Loss Prevention policies on Linux endpoints, what exit points Endpoint Protector covers, and what type of sensitive data it…

How to use USB Enforced Encryption from Endpoint Protector DLP suite

The cross-platform USB Flash Enforced Encryption is the module within Endpoint Protector Data Loss Prevention that boosts the security of data copied on USB storage…

Setup a Content Aware Protection (CAP) Policy in Endpoint Protector

Learn how to setup a Content Aware Protection Policy in Endpoint Protector. Prevent confidential information from leaving the endpoint through USB and peripheral ports, printers,…

How to set up rights in Endpoint Protector

In this tutorial, we walk you through and show you how to set up rights in Endpoint Protector. Get a quick insight into Device Rights,…

How to use the Offline Temporary Password (OTP) feature in Endpoint Protector

Learn how to authorize the use of blocked devices (USB Flash Drives, CD/DVD, external HDDs, etc.) with the Offline Temporary Password (OTP) feature when computers…

Mobile Device Management (MDM) for iOS and Android with Endpoint Protector

Secure your mobile iOS and Android devices with Endpoint Protector Mobile Device Management (MDM) and keep a close eye on where devices are going with…

Content Aware Protection to prevent sensitive data leakage through all possible exit points

Content Aware Protection is a module in Endpoint Protector that offers detailed control over sensitive data leaving the company's network.

Endpoint Protector Virtual Appliance for Device Control and DLP

Our virtual appliance will protect your network endpoints against intentional data theft, data leakage and accidental data loss through portable devices.

Endpoint Protector Hardware Appliance for Device Control

Our appliance will protect your network endpoints against intentional data theft, data leakage and accidental data loss through portable devices.

Endpoint Protector for Device Control explained in plain English

With Endpoint Protector you have full control, manageability and transparency of what is happening with USB and peripheral ports on your Windows, Macs, and Linux computers.

Device Control, USB Lockdown, and Control for Mac OS X

Controlling the use of USB, FireWire, Thunderbolt, SD Card Reader, Bluetooth, etc on your Mac is vital to protect your data.

Endpoint Protector Basic - Data Protection for Small Offices or Home Use

Manage and control the use of portable devices with Endpoint Protector Basic, the perfect stand-alone solution for Windows and Mac.

EasyLock - Cross-platform encryption for Windows, Mac OS X, and Linux

Strong military-grade encryption algorithms and an intuitive drag and drop interface, helping anyone turn any portable storage device into a data safe.

My Endpoint Protector explained in plain English - DLP | MDM

Manage portable storage devices, control what data is leaving your network through emails, messengers and other cloud applications and even manage the mobile device fleet.…