DLP Information

If all the used file types are supported product, they will be indexed and all acts of copying (including the clipboard) will be monitored. After this "Simple" actions as a steal information will not succeed. However, we can formulate a sufficient number of scenarios that would apply the insider to bypass the agency dlp solutions, such as: Mass up important files on a workstation, and subsequent archiving; Compiling a file containing important information from many other sources. Search for similar scenarios can be extended, but the main reason for leakage is that the user has legitimate access to confidential information and prohibit such access impossible. Concealment of the methods of protection (and the solutions used in particular) can not be considered a good practice, so we can assume that the perpetrator knows the possibilities and limitations of information security. Thus, for high quality to prevent leaks of information is necessary to use other measures. However, the dlp solutions indispensable in the investigation – they allow you to monitor user activity and identify suspicious activity (for example, copying large chunks of files via the clipboard). As other technical measures can be used recordings of the user (up to record everything that happens on the screen), program shadowing (when the records all data transferred via portable media) and other ways of fixing the action (up to record video surveillance systems). True, it should be noted that some of the DLP-solutions can be given functional plug in additional modules. Security administrator, having collected tools such information, can restore the exact sequence of actions and the alleged infringer to prove or disprove the fact of information theft.