This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DLP RULES

good morning

I wanted to know if in the DLP it is possible to add a rule to block folders on a network share?

Danilo


This thread was automatically locked due to age.
Parents
  • FormerMember
    +1 FormerMember

    Hi,

    I am curious on why you would want an anti-malware product do this. Since, in theory, you have control over the permissions on the share, you could manage the Read/Write access yourself and prevent data being exfiltrated.

    Or, are you asking if the user mounts their own share (not in your control) and tries to copy data off? Although an interesting scenario, I am not sure how we could mitigate it without severe user impact. One of the best protections against that sort of thing, though, is file encryption. If you have your files encrypted at rest, it shouldn't matter if a malicious actor copies them off your devices - unless they have the keys it is just junk data. Is this the scenario you are trying to prevent?

Reply
  • FormerMember
    +1 FormerMember

    Hi,

    I am curious on why you would want an anti-malware product do this. Since, in theory, you have control over the permissions on the share, you could manage the Read/Write access yourself and prevent data being exfiltrated.

    Or, are you asking if the user mounts their own share (not in your control) and tries to copy data off? Although an interesting scenario, I am not sure how we could mitigate it without severe user impact. One of the best protections against that sort of thing, though, is file encryption. If you have your files encrypted at rest, it shouldn't matter if a malicious actor copies them off your devices - unless they have the keys it is just junk data. Is this the scenario you are trying to prevent?

Children
No Data