Data Identifiers

OfficeScan uses data identifiers to identify sensitive information. Data identifiers include expressions, file attributes, and keywords which act as the building blocks for DLP templates.

Rules

A DLP rule can consist of multiple templates, channels, and actions. Each rule is a subset of the encompassing DLP policy.

Templates

A DLP template combines data identifiers and logical operators (And, Or, Except) to form condition statements. Only files or data that satisfy a certain condition statement will be subject to a DLP rule.

OfficeScan comes with a set of predefined templates and allows you to create customized templates.

A DLP rule can contain one or several templates. OfficeScan uses the first-match rule when checking templates. This means that if a file or data matches the data identifiers in a template, OfficeScan will no longer check the other templates.

Channels

Channels are entities that transmit sensitive information. OfficeScan supports popular transmission channels, such as email, removable storage devices, and instant messaging applications.

Actions

OfficeScan performs one or several actions when it detects an attempt to transmit sensitive information through any of the channels.

Exceptions

Exceptions act as overrides to the configured DLP rules. Configure exceptions to manage non-monitored targets, monitored targets, and compressed file scanning.