Views:

Apex One monitors data transmissions to or within removable storage devices. Activities related to data transmission include:

  • Creation of a file within the device

  • Copying of a file from the host machine to the device

  • Closing of a modified file within the device

  • Modifying of file information (such as the file’s extension) within the device

When a file to be transmitted contains a data identifier, Apex One either blocks or allows the transmission.

Note:
  • The Device Control action has a higher priority than the DLP action. For example, If Device Control does not allow copying of files to a removable storage device, transmission of sensitive information does not proceed even if DLP allows it.

  • Data Loss Prevention supports encryption on removable storage devices when Endpoint Encryption is installed on the agent endpoint.

For a list of supported removable storage devices and applications that facilitate data transmission activities, see the Data Protection Lists document at:

http://docs.trendmicro.com/en-us/enterprise/data-protection-reference-documents.aspx

The handling of file transmission to a removable storage device is a straightforward process. For example, a user who creates a file from Microsoft Word may want to save the file to an SD card (it does not matter which file type the user saves the file as). If the file contains a data identifier that should not be transmitted, Apex One prevents the file from being saved.

For file transmission within the device, Apex One first backs up the file (if its size is 75MB or less) to %WINDIR%\system32\dgagent\temp before processing it. Apex One removes the backup file if it allowed the file transmission. If Apex One blocked the transmission, it is possible that the file may have been deleted in the process. In this case, Apex One will copy the backup file to the folder containing the original file.

Apex One allows you to define exceptions. Apex One always allows data transmissions to or within these devices. Identify devices by their vendors and optionally provide the device models and serial IDs.

Tip:

Use the Device List Tool to query devices connected to endpoints. The tool provides the device vendor, model, and serial ID for each device. For details, see Device List Tool.