Configuring file copy prevention policies

DataSecurity Plus offers file copy prevention policies that can be applied to individual workstations or groups. Copy prevention policies can block clipboard-based copy actions or prompt users when a clipboard copy action is triggered.

Follow the steps below to create new file copy prevention policies:

• Select the Endpoint DLP module from the drop-down menu at the top.
• Go to Configuration > Prevention Policies > File Copy Policy.
• Click + Create File Copy policy in the top-right corner.
• On the Add New Policy page, provide a suitable policy name and description.
• Select the type of response suitable for Local Copy and Network Copy sources. The following responses are supported:
• Allow: The copy action is allowed.
• Block: The attempted copy action is not allowed. A custom message, such as a notification to inform the user that the action has been blocked, can be entered in the text box provided.
• Prompt user: This response is used to educate the user about the critical nature of the attempted copy action. A custom message can be displayed to the user, and the user can choose to either continue with the copy action or cancel it.
Note:
• Local Copy refers to files that are copied from the local system or any external storage devices connected to it.
• Network Copy refers to file copy actions that take place within the network.
• From the Auditing drop-down menu, select Enabled if you wish to audit file copy events. If not, select Disabled.
• Click Save to create the file copy prevention policy.
• Enforce the file copy prevention policy on endpoints by mapping it to the corresponding DLP policy.

Best practice: We recommend enabling auditing to monitor the amount of file copy actions carried out in your organization before selecting Block as your response strategy.

Mapping file copy prevention policies to endpoints

To enforce file copy prevention policies on endpoints, they have to be mapped to the DLP policy linked to the targeted endpoints.

Follow the steps below to map file copy prevention policies to endpoints:

• Select the Endpoint DLP module from the drop-down menu at the top.
• Go to Configuration > DLP Policies.
• Select the DLP policy that is linked to the endpoints to which you wish to apply the file copy prevention policy.
• In the Prevention Policies section, click File Copy Policy.
• Select the file copy prevention policy you wish to enforce on endpoints.
• Click Save to update the file copy prevention policy.