What can I protect?
Data protection can control or monitor the flow of data throughout an organization.
Administrators can define:
- Who can move and receive data
- What data can and cannot be moved
- Where the data can be sent
- How the data can be sent
- What action to take in case of a policy breach
Data protection can be used together with the endpoint to secure the following channels:
- Endpoint Email: Monitor email messages sent by endpoint users using Microsoft Outlook (Windows only) or Apple Mail (macOS only) clients.
- Endpoint applications: Monitor or prevent sensitive data from being copied and pasted from one application to another on Windows endpoint clients.
- Endpoint application file access monitoring: Monitor applications such as IM, cloud storage, and FTP clients that access and share sensitive data.
- Endpoint removable media: Monitor or prevent sensitive information from being written to a removable device such as a USB flash drive, CD/DVD, or external hard disk. Data protection supports analysis, encryption, and blocking for USB drives.
- Endpoint LANs: Users commonly take their laptops home and then copy data through a LAN connection to a network drive/share on another computer.
- Specify a list of IP addresses, host names, or IP networks of computers that are allowed as a source or destination for LAN copy.
- Intercept data copied from an endpoint client to a network share.
- Note that Endpoint LAN control is currently applicable to Microsoft sharing only.
- Endpoint printing: Monitor or prevent sensitive data from being printed on local or network printers from endpoint client machines.
- Endpoint HTTP/HTTPS: Monitor or protect endpoint devices such as laptops from posting data over the Web.
- Cloud Email: Monitor or protect users from sending data over the organization email.
- Online WEB (HTTP/HTTPS/FTP): Monitor or protect users from posting data via the organization WEB.
- CASB Inline: Monitor or prevent sensitive data from being uploaded to a Cloud Application or downloaded from a Cloud Application to a location that is not secure.
- CASB API: Monitor sensitive data from being modified, shared via a Cloud Application or downloaded from a Cloud Application.
Comprehensive monitoring of these channels can prevent data from leaving an organization.