DLP for data at rest
Scan sensitive data residing on employees’ computers and encrypt or delete data at rest to prevent breaches proactively.
Endpoint Protector DLP for data at rest (eDiscovery) scans and identifies the confidential information in organizations’ endpoints and allows Administrators to take remediation actions like encrypting or deleting data at rest. It addresses both internal and external threats – unauthorized employees storing sensitive data on their computers and attackers which manage to bypass the network defense and try to get a hold of company’s records. For organizations collecting and managing information like Credit Card Numbers (CCNs), Personally Identifiable Information (PII), Social Security Numbers (SSNs), and other employees’ and business records, it is imperative to make sure it is safely stored and, in case of computer loss or theft, the information does not get into malicious or careless hands.
Organizations implementing Endpoint Protector eDiscovery achieve compliance with regulations like HIPAA, PCI-DSS, GDPR, and others, avoiding fines and other damages imposed by regulatory entities.
eDiscovery is available as a module within Endpoint Protector and does not require separate installation, being easily activated within the management console. A single endpoint agent is deployed for both Content Aware Protection (DLP for data in motion) and eDiscovery.
How eDiscovery Works
Whitelists based on file type and file name exclude from scanning specific files, like pictures, video files and others, reducing scan time and consumed resources. Blacklists are based on file types, predefined content, custom content (dictionaries) and file name, allowing IT Administrators to build policies according to the type on sensitive data stored on users´ workstations.
The eDiscovery section offers visibility into scans, the matched sensitive items, the precise location of the discovered data, and remediation actions such as encrypt data and delete data at rest, for immediate reaction in case non-compliant data is identified.
With a few simple steps, scans can be setup based on specific time, recurrence, and entities to be included in the scan. A list with previous scans is also available.
eDiscovery from Endpoint Protector scans data on Windows, macOS, and Linux endpoints for complete data protection. Administrators can choose to perform a clean scan to cover all repositories or an incremental scan to start scanning from where the last scan stopped.