DLP RULES

Hi,

I am curious on why you would want an anti-malware product do this. Since, in theory, you have control over the permissions on the share, you could manage the Read/Write access yourself and prevent data being exfiltrated.

Or, are you asking if the user mounts their own share (not in your control) and tries to copy data off? Although an interesting scenario, I am not sure how we could mitigate it without severe user impact. One of the best protections against that sort of thing, though, is file encryption. If you have your files encrypted at rest, it shouldn't matter if a malicious actor copies them off your devices - unless they have the keys it is just junk data. Is this the scenario you are trying to prevent?

Hi,

I am curious on why you would want an anti-malware product do this. Since, in theory, you have control over the permissions on the share, you could manage the Read/Write access yourself and prevent data being exfiltrated.

Or, are you asking if the user mounts their own share (not in your control) and tries to copy data off? Although an interesting scenario, I am not sure how we could mitigate it without severe user impact. One of the best protections against that sort of thing, though, is file encryption. If you have your files encrypted at rest, it shouldn't matter if a malicious actor copies them off your devices - unless they have the keys it is just junk data. Is this the scenario you are trying to prevent?