Define DLP policies by configuring the following settings and deploying the settings to selected agents:
| Settings | Description |
|---|---|
| Rules | A DLP rule can consist of multiple templates, channels, and actions. Each rule is a subset of the encompassing DLP policy. Note: Data Loss Prevention processes rules and templates by priority. If a rule is set to "Pass", Data Loss Prevention processes the next rule in the list. If a rule is set to "Block" or "User Justification", Data Loss Prevention blocks or accepts the user action and does not process that rule/template further. |
| Templates | A DLP template combines data identifiers and logical operators (And, Or, Except) to form condition statements. Only files or data that satisfy a certain condition statement are subject to a DLP rule. Data Loss Prevention comes with a set of predefined templates and allows administrators to create customized templates. A DLP rule can contain one or several templates. Data Loss Prevention uses the first-match rule when checking templates. This means that if a file or data matches the data identifiers in a template, Data Loss Prevention no longer checks the other templates. |
| Channels | Channels are entities that transmit sensitive information. Data Loss Prevention supports popular transmission channels, such as email, removable storage devices, and instant messaging applications. |
| Actions | Data Loss Prevention performs one or several actions when it detects an attempt to transmit sensitive information through any of the channels. |
| Exceptions | Exceptions act as overrides to the configured DLP rules. Configure exceptions to manage non-monitored targets, monitored targets, and compressed file scanning. |
| Data Identifiers | Data Loss Prevention uses data identifiers to identify sensitive information. Data identifiers include expressions, file attributes, and keywords which act as the building blocks for DLP templates. |
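
The processing order described for rules and templates can be modeled in a few lines of Python. This is an added example, not the product's code: the policy, rule and template names, the card-number expression, the sample text, and the reading of Except as "left condition but not right" are all assumptions made for illustration.

```python
import re

# Data identifiers (constructed for this example): one expression, two keywords.
IDENTIFIERS = {
    "card_number": lambda t: re.search(r"\b(?:\d{4}[ -]?){3}\d{4}\b", t) is not None,
    "confidential_kw": lambda t: "confidential" in t.lower(),
    "sample_kw": lambda t: "sample data" in t.lower(),
}

def matches(cond, text):
    """Evaluate a template condition: an identifier name or (operator, left, right)."""
    if isinstance(cond, str):
        return IDENTIFIERS[cond](text)
    op, left, right = cond
    lhs, rhs = matches(left, text), matches(right, text)
    if op == "And":
        return lhs and rhs
    if op == "Or":
        return lhs or rhs
    if op == "Except":
        return lhs and not rhs  # assumed meaning: left matches, right does not
    raise ValueError(f"unknown operator: {op}")

# Constructed policy: rules in priority order, each with ordered templates.
POLICY = [
    {"name": "audit-keywords", "action": "Pass", "channels": {"email", "usb"},
     "templates": [("tpl-confidential", "confidential_kw")]},
    {"name": "block-cards", "action": "Block", "channels": {"email"},
     "templates": [("tpl-cards", ("Except", "card_number", "sample_kw")),
                   ("tpl-card-or-conf", ("Or", "card_number", "confidential_kw"))]},
]

def evaluate(policy, channel, text):
    """Return (final_action, trace); trace holds (rule, matched template, action)."""
    trace = []
    for rule in policy:                      # rules are processed by priority
        if channel not in rule["channels"]:
            continue
        # First-match: stop checking templates once one of them matches.
        hit = next((n for n, c in rule["templates"] if matches(c, text)), None)
        if hit is None:
            continue
        trace.append((rule["name"], hit, rule["action"]))
        if rule["action"] != "Pass":         # Block / User Justification end processing
            return rule["action"], trace
    return "Pass", trace                     # modeling choice: no terminal rule matched
```

The second test case below is the one worth studying when reviewing a policy: text excluded by the Except condition in the first template is still caught by a broader template later in the same rule, so template order and overlap decide the outcome.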