Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Installation Steps
- Gateway Configuration in Endpoint
- Gateway Cluster Configuration
- Gateway Server Management
- Certificate Authority Configuration
- Two-way SSL configuration
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Regenerating gateway server access key
- Updating gateway server
- Gateway Server Failover
- Load Balancer Configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload & Download Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Cloud Protection Gateway server failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Login control
The Cloud Protection module offers login control as one of its control policies to manage logins to cloud applications and suites. To start off, policies can be used to block login names in two cloud suites: Microsoft 365 and Google Workspace.
You can apply a range of criteria to granularly control logins into these cloud suites. These criteria enable you to block:
- Specific login names
- All login names from specific domains
- Usage of personal accounts in organizational suites
- Login names that match a specific pattern
Creating a new login control policy
- Select Cloud Protection from the modules drop-down menu at the top.
- Go to Configuration > Control Policies > Login Control.
- Click +Add Policy.
- Enter a suitable Policy Name and Policy Description.
- Assign a Tag. Tags can be used to group policies based on the category of the cloud suite.
- Under Filter, enable the cloud suites or the applications that you want to block logins for by clicking the toggle button below them.
- Click the Configure criteria buttons below the enabled cloud suites to define their login control criteria.
- In the Configure login control criteria pop-up window that opens, add as many criteria as required by clicking the + button.
- Click Done to close the window.
- Click Save to create the login control policy.
Notes:
- Login control policies will not work on sign-in methods that don't require usernames.
- Logins can only be blocked if they occur through configured gateway servers.
Refer to the examples below for an understanding of how to use login control criteria effectively:
Example 1: Block the login name "user@gmail.com"
- Enter user@gmail.com in the login name field.
- Select Contains from the conditions drop-down.
- Click Save.
Example 2: Block all Gmail login names
- Enter gmail.com in the login name field.
- Select Contains from the conditions drop-down.
- Click Save.
Example 3: Only allow login names from the organization "abc.com"
- Enter abc.com in the login name field.
- Select Not Contains from the conditions drop-down.
- Click Save.
Example 4: Block all login names that contain patterns, such as hr-1@abc.com, hr-2@abc.com, hr-3@abc.com, etc.
- Enter hr-(.*)@abc.com in the login name field.
- Select Regex from the conditions drop-down.
- Click Save.