Data Loss Prevention helps the organization in monitoring, tracking, and preventing business data on the cloud, IT enables the IT admin of the organization to set up policiesAdmin can track or restrict functions like sharing, downloading, copying, etc. for a single user, particular OUs, or the entire organization. 


To create a new policy, Navigate to Home -- Policies --DLP, Click on Add option & you implement the new policy.


Title: Name your policy to identify it later when you want to make changes quickly. 

DescriptionShort description for helping understand the policy if more than one admin is managing the account 

Enabled: For some reason, if you want the policy to be disable for some time and re-enable it, you can check/uncheck “Enabled” option as shown above. 

Valid Always: You can decide the validity of the policy with valid Always button. Toggling this you can say whether you want a policy for a stipulated time or a policy which is always applied 

Valid From and Valid To: If Valid Always is off, then you will have to provide the date range for which the policy needs to be applied. This way admin need not manually turn off the policy.




Agent Based DLP:  


Block Personal Gmail :


Restrict users from accessing their personal Gmail accounts while in the corporate network. This ensures that no data sharing occurs between a user’s personal and business Gmail accounts 


Track / Block users from – 

  • Downloading documents or other files from the drive 
  • Downloading email attachments from their business emails 
  • Sharing files or any other data from the Google drive 
  • Accessing their personal Gmail in the business network 
  • Using Clipboard functions (Copy / Paste) data from Google drive 
  • Printing corporate files, documents, etc. from Google Drive 
  • Taking screenshots or Print screen of the business data stored on the drive 


 


Session Timeout :    


For Idle Timeout interval : Admin can set the hours and minutes for this policy, It the machine is idle for the particular time, the user gels logout automatically  

For Session duration : Here the admin can set the session logout for users and CUs. The machine will get automatically logout from the CFB.

 

Note: Session Time Out settings will be effective if the chrome extensions settings applied from Settings→ Preferences→ Chrome Extension 




Office 365 & github  

Restrict users from accessing their personal accounts while in the corporate network. This ensures that no data sharing occurs between a user’s personal and business accounts 





Block USB Access :

Restrict users to access external USB devices to ensure no business data is being transferred for unauthorized use 





 

Agent Less DLP: 

 

Compliance Rule ( Email DLP ) :

Compliance policies and keep a check on its adherence. Design compliance policies with our pre-designed templates to best suit your needs for PCI, PHI, PII, HIPAA, and others. 

  • Downloading of Documents: DLP in the cloud solution allows to set policy on downloading of the document. It means whenever someone tries to download a document stored on Google Drive, and it can easily be tracked or controlled. 
  • Deletion of Document: If someone deletes any document stored on Google Drive, then this policy keeps a complete record of it. For example, who has deleted the document and which document is deleted. 
  • Sharing Outside the Organization: Sharing of any document outside the organization can easily be handled by setting such policies. Moreover, the DLP solution by cloudcodes is capable of revoking the external access also. 
  • Taking Screenshots: An organization can set a policy also to restrict users from taking screenshots. No one is allowed to take a screenshot of the work going on in a particular system. 


It also permits the organization to define actions, which is to be taken when such type of violations are detected. For ex , if it is found that a document is shared outside the organization, the IT can define policies to revoke the external access. 



 



You can implement this policy on specific user’s or OU’s or entire domain ( all User) 



***********************************************************************