Questions tagged [dlp]
Data Loss Prevention (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use, in motion and at rest
44
questions
2
votes
0
answers
20
views
In MS Purview DLP, how do I prevent inline (in body) images when sending Exchange EMail?
In Microsoft Purview DLP (Data Loss Prevention), how do I prevent inline (in body) images when sending Exchange EMail?
My last attempt at a DLP Rule, summary:
Header contains words or phrases: Content-...
0
votes
0
answers
116
views
Protection against data leak from a usb drive plugged in a virtual machine?
Some peoples working with virtual machines need to plug USB drive on their computer or VM, in order to work (flash OS, put firmwares, upload configurations).
There is no data leak policy or software ...
1
vote
1
answer
2k
views
Microsoft Purview Sensitivity labels, best practices for setup?
Background
There have been more than a handful of recent security breaches at my company, involving social engineering and spoofed emails.
A malicious actor fraudulently spoofing one of our customers, ...
1
vote
1
answer
362
views
How can we restrict users from copying "non-allowed" file types from USB?
We blocked USB ports on most of the devices using Intune. However, a subset of users requires USB access due to their job scope which requires them to copy images from their cameras to their PCs. Is ...
0
votes
1
answer
269
views
Block file and data transfer out of a device
I was reading a documentation that suggests blocking the computer from transferring files to an external device, such as a HD, Camera or Pen Drive, allowing only reading.
Is this type of protection ...
1
vote
0
answers
135
views
How to protect PII data from being sold or exposed by employees
For PII, we capture mostly emails, mobile and name of users who signup on our website. Along with this purchases made by users are also a sensitive data. Protecting this data for users privacy is as ...
1
vote
0
answers
96
views
What are good mitigations for balancing secure external anonymous sharing from Sharepoint/One with convenience?
What are good mitigation techniques to allow corp users to share files externally with anyone, yet maintain some kind of control?
Ie. OneDrive and SharePoint can allow users to share a file with “...
0
votes
1
answer
160
views
How Were FireEye's Tools Exfiltrated?
What was the mechanism for exfiltrating FireEye's redhat tools in the recent SolarWinds hack? I understand it was via HTTP (small packets to many servers)? Are there any further details?
Is this a ...
1
vote
1
answer
174
views
Is it possible to ensure detection and logging of all attempts to copy data out of a system?
I am cross-posting this question from Serverfault, because I am in doubt where it fits best.
Say I have a server set up for processing sensitive data. The few authorised users of the system are ...
1
vote
1
answer
166
views
How to detect use of personal NAS devices from corporate machines?
We have an issue where people are taking laptops home and connecting them to their personal home networks in order to backup corporate data to their private NAS devices. From a DLP standpoint we have ...
2
votes
2
answers
210
views
How to set up full disk file encryption?
I want to set up my company's laptops in a way that all files created on these laptops can only be read by these laptops. If it is copied to a USB then that file is only readable when plugging that ...
-1
votes
1
answer
147
views
Do any API-based CASB use native DLP features in cloud applications?
I think I've understood what CASB are and the differences between proxy/API-based architectures. What is still unclear to me is how exactly API-based CASB function.
I know most products use APIs to ...
0
votes
1
answer
336
views
“Flow” between computers (Logitech mouse) DLP
From a DLP perspective, does anyone know what DLP controls to block or monitor this Logitech Flow?
-1
votes
1
answer
114
views
MAC OS full admin rights and software removal in a corp environment
We have MAC OS for our developers (running with root). We also deploy an DLP endpoint agent. Now what happens, in some cases they just sudo and uninstall the agent because it slows down the machine. ...
1
vote
1
answer
397
views
DLP vs end-to-end messengers
I am interested in how DLP systems work. I have noticed that developers of DLP say that the software can see messenger traffic including end-to-end solutions. I understand MITM, certificate change, ...