07-06-2009 06:16 AM - edited 03-09-2019 10:25 PM
Hi all!
I have a question.
We want to protect the data in out company and I set the CSA-MC to log when someone try to copy the private datas to a removable device, pendrive...
and the CSA send me a mail about this event.
But it isn't enough protection. If the user change the filename (.mp3) I don't know what is the file actually, it is really an "mp3" or a private data.
What can you suggest me?
Can I save the file somewhere to check it later?
or create a better rule, to catch if someone try to steal the data.
(I don't want deny saving, just log the stealing)
I hope you understand what I want.
Thank you, br Gabor
Solved! Go to Solution.
07-10-2009 04:24 AM
Hi Gabor,
You can use these data classes, and I would recommend it as a good starting point. The idea is that you would define the Proprietary Data (i.e. saved from your sensitive app) and the pre-defined policies will monitor and control that data. Plus, you will have the ability to report on those data tags and see how the data is being used across your environment.
Hope that helps!
Josh
07-08-2009 04:16 PM
What version of CSA?
5.2 has a Data Theft Prevention Module already configured.
Tom
07-08-2009 11:44 PM
The CSA version is 6.0.1.
The Data Loss Prevention module requires license for the desktop hosts, we have no DLP license.
Is there any way to protect data without DLP?
I have created rules that only check file extensions, I think it is not enough..
Any idea?
Gabor
07-09-2009 03:27 AM
Gabor,
The first key step is to identify where this sensitive data lives, or what program is generating it (even easier.) Let's say that you want to secure everything from your financial application. You would setup CSA to static tag any data file written by that program as "sensitive." Then you would write some CSA rules to monitor whenever that sensitive data was modified (i.e. change extension) and/or block when used improperly (i.e. copied to USB.)
All those options are available without the optional DLP license.
Thanks,
Josh
07-10-2009 12:27 AM
Josh,
thank you, it is a good news.
Can you tell me a user guide, how can I setup it? or block in how have to do.
I have found nothing yet.
really thanks! Gabor
07-10-2009 03:03 AM
I think I found the solution.
I have a new question:
There are lot of rules configured by default for Regulatory and Proprietary Data classes. Can I use these classes or have to create my own
07-10-2009 04:24 AM
Hi Gabor,
You can use these data classes, and I would recommend it as a good starting point. The idea is that you would define the Proprietary Data (i.e. saved from your sensitive app) and the pre-defined policies will monitor and control that data. Plus, you will have the ability to report on those data tags and see how the data is being used across your environment.
Hope that helps!
Josh
07-10-2009 06:58 AM
Thanks, yes it is helpful for me.
I'm going to test it all these things.
Gabor
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide