Advanced Data Loss Prevention (DLP)

Prevent leakage of sensitive data with minimal effort to value

For years, organizations have struggled to prevent data exfiltration due to internal risks or external attacks, leading to embarrassing headlines, loss of business, and regulatory fines. Advanced DLP empowers you to prevent data leaks from endpoints — without requiring months to deploy, teams to maintain, or a Ph.D. in privacy law to understand.

  • Protection for sensitive data across 70+ channels – Protect clients’ sensitive data — prevent data leakage from workloads via peripheral devices and network communications by analyzing the content and context of data transfers and enforcing policy-based preventive controls.
  • Automatic, behavior-based DLP policy creation and extension – No need to drill down into client business details and define policies manually. Automatically baseline and profile sensitive data flows to create and continuously adjust DLP policies to ever-changing business specifics, ensuring protection against the most common causes of data leaks.
  • Prompt reactiveness to DLP events – Enable rapid response and forensic investigations and simplify DLP policy maintenance via centralized audit logs and alerts on security events. Ease reporting with information-rich widgets.

Strengthen your clients’ regulatory compliance out of the box

Leverage pre-built data classifiers for most common regulatory frameworks protecting personally identifiable information (PII), patient health information (PHI), cardholder data, and documents marked as confidential.

Enhance your security portfolio with streamlined data loss prevention

Unlock new profitability opportunities

  •  Improve your revenue per client and attract more clients with high-demand, MSP-managed DLP services that are easily accessible for clients of all sizes.
  •  Control your TCO and enable better margins with easier service tiering by using a single, integrated platform for backup and disaster recovery, next-generation anti-malware, email security, workload management and data loss prevention.

Minimize your effort to value and speed up provisioning

  •  Expand your service technology stack with a DLP solution that doesn’t require you to increase your management complexity, costs and headcount.
  •  Automate service provisioning, initial client-specific policy creation and follow-up adjustments, and minimize the impact of human error.
  •  Ensure that DLP policies are aligned with each client’s business specifics.
  •  Simplify compliance reporting and increase visibility of DLP performance with information-rich widgets.

Reduce data leakage risks and strengthen compliance

  •  Minimize risks of data leakage and exfiltration by detecting and preventing sensitive information from being transferred to unauthorized parties.
  •  Strengthen clients’ regulatory compliance by protecting data that is subject to regulations.
  •  Lower cyber insurance premiums with better protection of sensitive data.

How Advanced DLP simplifies service provisioning, management and reporting

1. Effortlessly provision DLP services with automatic policy creation

During initial provisioning, DLP agents run in Observation mode, monitoring clients’ endpoint computers for outgoing sensitive data transfers and leveraging a behavior-based technology to automatically create the initial DLP policy — with optional end user justification of risky data transfers.

2. Easily validate the created policy with clients

Once the initial DLP policy is automatically generated, it’s displayed in an easy-to-understand visual format, requiring no technical expertise from clients’ business reps to validate.

3. Enforce the DLP policy to start preventing data leaks and boost regulatory compliance

Once the DLP policy is validated with clients, Advanced DLP continuously monitors for DLP incidents with multiple policy enforcement options, enabling ongoing automated policy adjustment to business specifics.

4. Demonstrate your value to clients with powerful widgets

Enable ongoing reporting to clients with powerful widgets, that demonstrate the value of your DLP services. Provide service technicians and clients with visibility into blocked sensitive data flows; most active data senders; users with most blocked data transfers; and all sensitive data transfers split by category (blocked, allowed or justified).

Differentiate your DLP services with an edge over the competition

Current DLP solutions require costly security expertise and deep knowledge of clients’ business processes, together with complex, error-prone, manual configuration to ensure client-specific policies. With Advanced DLP, you can prevent data leaks for clients with the provisioning speed and policy management ease you need.

  • Automated DLP policy creation – Minimize manual work and the risk of error. Simplify provisioning by automatically creating an initial DLP policy for each client with a behavior-based approach.
  • Client-specific DLP policies – Baseline and profile outgoing sensitive data flows across organizations to automatically map clients’ business processes to a DLP policy — adjusted to their specifics. Leverage optional end-user assistance for higher accuracy, and request client validation before enforcing a policy.
  • 70+ controlled channels – Control data flows across most common local and network channels, including removable storage, printers, redirected mapped drives and clipboard, emails and webmails, instant messengers, file sharing services, social networks, web access, and network protocols.
  • Unmatched DLP controls to differentiate your service – Ensure web-browser-independent control of data transfers to social media, webmail and file-sharing services. Leverage content inspection of outgoing instant messages and sensitive data detection in images sent from remote and offline computers.
  • Centralized cyber protection with single console – Control your TCO, reduce management overhead and boost margins by using a single solution that integrates backup, disaster recovery, next-generation anti-malware, email security, workload management, and data loss prevention.

The only DLP solution designed for MSPs to prevent leakage of sensitive data via peripheral devices and network channels with automatic, client-specific DLP policy creation.

Content- and context-aware DLP controls

Prevent leakage of sensitive data from clients’ organizations. Advanced DLP detects the sender, recipient, channel used and sensitive content for each data transfer to apply policy-based preventive DLP controls.

Automatic DLP policy creation (Observation mode)

Simplify service provisioning and initial DLP policy configuration. The solution observes end user behavior to automatically map clients’ business specifics to DLP rules to create client-specific DLP policies.

Adaptive DLP policy enforcement (Enforcement mode)

Enable automatic enrichment of enforced DLP policies by learning from end users. The adaptive enforcement option unlocks automated, user-assisted extensions of enforced policies with new data flows.

  • Content-aware control over data flows to peripheral devices – Control data transfers to peripheral devices such as printers, removable storage and mapped drives across clients’ organizations and ensure no sensitive data in use can leak through such local channels.
  • Network communications control – Control data transfers via network channels such as emails, cloud file sharing services, web browsers and social media. Prevent leakage of sensitive data in motion across clients’ organizations.
  • Pre-built data classifiers – Protect clients’ sensitive data out of the box with pre-built data classifiers for personally identifiable information (PII), protected health information (PHI), payment card data (PCI DSS), documents marked as “Confidential.”
  • Strict DLP policy enforcement (enforcement mode) – For clients that require more strict controls, you can enforce the DLP policies as they’re defined, also blocking any new data flows not observed during the observation mode period.
  • Clipboard control for remote connections – Prevent data leaks at their earliest stage — when data is transferred between the corporate computer and BYOD devices or remote terminals via a redirected clipboard.
  • Optical character recognition (OCR) – Prevent leakage of textual data in graphical format, even for offline and remote endpoints. Leverage an agent-resident optical character recognition for 30+ languages without sending images to OCR servers.
  • Content inspection and filtering – Protect clients’ sensitive data from leaking by analyzing and filtering the textual and binary content of data transferred via local and network channels, including inspection of nested archives. Benefit from text parsing for 100+ file, 40+ archive, and five-print formats.
  • Real-time alerting – Empower policy-based, real-time alerting for relevant DLP events to increase DLP administrators’ visibility and allow them to react to critical security events in a timely manner.
  • Policy-based logging – Enable easy auditing and IT investigations by automatically and selectively collecting audit logs for security events for each DLP policy rule. Leverage a cloud-native, secure, always available central log and secure delivery along with configurable log retention settings.
  • DLP event viewer – Increase the efficiency of your service technicians with a single-pane-of-glass view across all DLP events with fast search and filtering capabilities.
  • Reporting – Demonstrate your service value to clients and ease compliance reporting with information-rich widgets that provide a clear view of actionable data loss prevention statistics that can easily be sent to clients as reports.
  • On-screen notification to end users – Increase end users’ data loss prevention awareness and reduce time spent by IT administrators on investigating with interactive on-screen warnings that explain why certain data transfer attempts have been blocked by DLP rules.
  • Block override support – Ensure clients’ business continuity by allowing end users to override a data transfer block in case of extraordinary situations by providing a one-time business-related exception.
  • Encrypted removable storage support – Better protect clients data by neutralizing the risks of sensitive data leaving your clients workloads via unencrypted removable storage devices (e.g. USBs). Advanced DLP can detect encrypted removable storage devices and allow data transfers only to them.
  • Customize DLP rules by file type – Gain more granular control of DLP rules and reduce the risk of sensitive data leakage on client endpoints by customizing the DLP policy with rules that prevent unauthorized transfers of specific sensitive file types.