Block Solidworks uploads to USB stick or other output feature.

Hello Francisco Amantino 

If you have On-premise version of Sophos please refer to the Sophos Enterprise Console Help Guide, under section 7.11 Data Control Policy.

If you have Sophos Central, you can create a Data Loss Prevention Policy.

You can create a file type rule and will be able to make up a rule that is either based on file extension or file name. You can monitor and control the transfer of files to specified storage devices (e.g. removable storage device or optical drive) or by specified applications (e.g. email client or web browser).

-DianneY

Thanks for your reply but if I create the rule based on the extension or filename will suffice to rename it to circumvent the lock. I created a rule based on file type and I've marked all categories. In the tests the rule blocked an Excell file but Solidworks passed.

"All categories" may not include certain file types/extensions, and if your users do rename files to get past your DLP rules, your best bet may just be to block USB drives to certain groups of users, ie those that use Solidworks, or all users.

"All categories" may not include certain file types/extensions, and if your users do rename files to get past your DLP rules, your best bet may just be to block USB drives to certain groups of users, ie those that use Solidworks, or all users.

Ok, thanks

Hello Francisco Amantino,

please be aware that DLP is designed to reduce the risk of accidental data transfer (emphasis mine). Thus clearly it can't protect against premeditated data transfer. There's no (simple) technical solution if you're up against users with criminal intent.

Christian

Well remembered,

I'll see to my client that what he really wants is something more specialized.

Thank you