Endpoint DLP Plus is an enterprise software that leverages data loss prevention and insider threat mitigation features to fortify endpoint data security.
Endpoint DLP Plus immediately releases the security patches for identified security issues. Follow the Security Updates on Vulnerabilities section in our Knowledge Base to stay updated with the latest security patches. Furthermore, please subscribe to our Data Breach Notification to receive notifications on any security incident without delay.
Note: It is highly recommended to
1) Update your Endpoint DLP Plus server to the latest build.
2) Grant access to the Endpoint DLP Plus folder only to authorized users.
Securing the login access to Endpoint DLP Plus, can prevent security issues involving roles and permissions.
To fortify the login access, go to the Admin tab, and click Security Settings.
The default admin account should be removed after the first login.
All communications between the Endpoint DLP Plus server and the agents will take place using the HTTPS protocol after enabling this option.
Note: In addition, disable the 8020 port in firewall in your network
It is recommended to configure Endpoint DLP Plus with a trusted third party certificate to ensure secured connections between desktops and servers. However, for secured communication using HTTPS, a default certificate will be provided along with the server.
Having a second level of verification for technicians ensures that unauthorized access is prevented.
Setting a complex password policy allows users to configure unique passwords that are tough to crack. The more complex a password policy is, the more combinations there will be.
The agent monitors and executes the configurations and tasks deployed to a particular endpoint. That's why it is necessary to forbid users from uninstalling the agent.
Preventing the users from stopping the Agent service ensures that the endpoint stays in contact with the server every 90 minutes.
Trusted Communication can be enabled only after importing a third party certificate. Learn more.
If enabled, the computers with the older agent versions will no longer be able to communicate. Ensure the agent versions are up to date. Learn More.
HTTPS protocol for both LAN and WAN agents ensures that the communication between the agents and the server is always encrypted.
It is highly recommended to host the Endpoint DLP Plus server in a corporate network protected by firewall restrictions and other security measures. If there are several roaming users and remote offices, then you can use an additional component, called the Secure Gateway Server. Secure Gateway Server is a reverse proxy solution that acts as a bridge between the WAN agents and the Application Control server. It prevents the need for the Application Control server to be hosted as an EDGE device to manage roaming users.
For improved security, it is advisable to use the newer version of TLS, instead of using the older ones.
Note: Users cannot manage devices running on legacy OS platforms (Windows XP, Vista, Server 2003 and Server 2008) after disabling the older version of TLS.
It is highly recommended for Endpoint DLP Plus users to follow the guidelines in this document. In particular, safeguarding the server by configuring the Security Settings. This proves to be a quick and effective move against cyber threats. Moreover, the steps provided for every module will help strengthen the security even further.