In today’s ultra-connected fast-paced work environment, it is easy to lose track of data. Companies encourage the use of productivity-enhancing software and collaborative tools: nearly all organizations, for example, use messaging applications to communicate and transfer files. To cut costs, they often choose freely available options such as Skype or Slack without considering their potential risks.
At the same time, companies are frequently not aware of the sort of third-party services their employees use on a day-to-day basis either out of habit or to increase their efficiency. Popular file transfer or sharing platforms like Google Drive or Dropbox or even social media messaging applications are regularly used to share information in the workplace.
It is easy to imagine how things can go wrong from here: data accidentally shared publically, sent to the wrong recipient, saved on unauthorized computers, all with a simple click. In other words: data loss just waiting to happen. How can companies protect themselves from this very real threat to their data security? This is where content aware protection comes into play.
Data Loss Prevention tools like Endpoint Protector were built to address these risks. With its Content Aware Protection module, our product aims to curb the threat to data security by monitoring and controlling data transfers on company networks while at the same time offering a smooth, user-friendly experience that significantly reduces implementation times.
Here are the top five reasons Endpoint Protector’s Content Aware Protection (CAP) module is the easiest-to-use tool of its kind on the market.
1. Easy to Define Sensitive Information
CAP policies in Endpoint Protector can be built in a few easy steps. Administrators must first define sensitive information as it applies to their company’s needs. Endpoint Protector already has definitions for the most common types of protected data: personally identifiable information (PII), credit card numbers, source code, regular expressions, etc. It also offers the possibility of safeguarding data by file type or name or defining custom content to serve specialized needs.
Admins group these categories of sensitive data into denylists to which CAP policies can then be applied. They also have the option of defining allowlists, which will contain exceptions to the denylists.
2. Easy to Build Policies
After the denylists are defined, administrators can simply define a policy by choosing which operating system it will apply to, which exit points should be monitored (web browsers, instant messaging applications, cloud services, etc.) and what actions should be taken when the policy is violated. Namely, whether it should be reported, blocked, or both.
Policies can be applied globally or restricted to different departments, groups, users, or computers. Once CAP policies are in place, they can easily be switched on and off by administrators at any time from the Endpoint Protector dashboard.
3. Compliance Support
With many countries now adopting data protection regulations, from the Middle East to Japan, from the EU General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA), it seems no company will be spared the burden of compliance. Data protection regulations, in general, aim to protect individuals’ privacy and specific categories of sensitive information.
Taking these very pressing concerns into consideration, the Endpoint Protector team built predefined CAP policies that aim to help organizations on their road to compliance. Special profiles for GDPR, PCI DSS, HIPAA, and LGPD compliance were built that, once selected, can support companies’ efforts to protect sensitive data that falls under the jurisdiction of these regulations. At the same time, due to the high number of predefined policies for personal information, organizations can easily build profiles for compliance with their local data protection regulations.
4. A Multitude of Exit Points
It’s hard to guess what software or third-party services your employees are using. They might differ depending on which part of the world you do business in or the technical expertise of your workforce. Companies might therefore be hard-pressed to define which exit points they should monitor. Luckily, Endpoint Protector makes things easy for admins: a comprehensive list to choose from is offered.
It includes dozens of web browsers (Chrome, Mozilla, Internet Explorer, etc.), e-mail services (Outlook, Thunderbird, Mail for macOS, etc.), instant messaging applications (Skype, WhatsApp for Desktop, Viber, etc.), cloud or file-sharing services (Google Drive, iCloud, OneDrive, Dropbox, etc.) and social media and other categories (FileZilla, cuteFTP, iTunes, etc.) for administrators to select from. By simply scanning the list, they can easily find the most commonly used tools and services within their organization and apply CAP policies to them.
5. Detailed Reports
The CAP module also generates detailed reports concerning policy violations. They contain not only the time and date of the violation along with the computer on which it took place and the user responsible for it, but also which exit point was being used and why the transfer was considered a violation (detection of sensitive information, blocked file type, etc.).
These reports can be especially useful for companies for auditing and compliance purposes. They can help organizations prove that they have functional data protection policies in place that ensure that individuals’ sensitive information is being kept secure.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.