Business & Enterprise Products
Service Model
Data loss prevention (DLP) is a strategy for making sure that sensitive data is not lost, stolen, or inadvertently leaked. It typically involves implementing technical and organizational controls to prevent unauthorized access to data, and can also include measures for detection and response if data loss does occur.
DLP or data loss prevention, is a crucial business process that ensures confidential and mission-critical data does not leave the organization.
The eScan Enterprise Data Leak Prevention (DLP) will protect the company’s valuable data from unauthorized access. As a data security solution, it mainly aims to prevent end users from sending sensitive or crucial data outside the organization’s network using various approaches, technologies, and strategies. It identifies potential data breaches/data exfiltration attempts and prevents the same by monitoring, detecting, and blocking sensitive data while in use (Endpoint actions), in motion (Network Traffic), and at rest (Data Storage).
eScan-DLP Attachment block feature lets you control attachment flow within your organization. You can block/allow all attachments that a user tries to send through specific pre-defined processes. You can exclude specific domains/sub-domains that you trust, from being blocked even if they are sent through the blocked processes mentioned above.
This superlative feature enables the administrator to monitor & control the type of information which can be sent outside of the endpoint. Sensitive/Confidential Information, also termed as PII, which many a time are controlled by government regulations (GDPR, for instance) can be broadly categorized.
The Application Control feature lets you block unwanted applications from being executed on Endpoints. This helps the admin control the execution of applications on endpoints. Also, eScan-DLP enforces the application control policy to provide continuous monitoring of systems to prevent security breaches, data leaks, and outages.
eScan-DLP manages the printing activity of sensitive documents. Printer Access Control options can define which data can be printed on specific printers and by whom. One advantage of this technical solution is that in the event of unauthorized activity, the DLP system logs the incident, notifies the user about the risks, and can also block the print.
Wi-Fi Access Points come with a default SSID and password that must be updated, although default passwords are frequently kept in place. This makes it simple for an attacker to log in and take control of the router, configure settings or firmware, load malicious programs, or even change the DNS server to send all traffic to an attacker's IP address.
The File Activity module displays a report of the files created, copied, modified, and deleted on managed computers. Additionally, in case of misuse of any official files, the same can be tracked down to the user through the details captured in the report. The Administrator can select and filter the report based on any of the details captured.
This submodule monitors and logs session activities of managed computers. It displays a report of the Operation type, Date, Computer name, Group, IP address and event description. With this report, the administrator can trace the user Logon and Logoff activity, along with remote sessions that took place on all managed computers.
The Application Access Report module gives a detailed view of all the applications accessed by the endpoints which are part of Managed Computers. The log displays a list of applications executed and the time duration for which the app was active. Options for Filtering or Exporting the log in desired formats are also present on the same interface. You will get the details of the computer name which accessed the app and the duration.
This will block any screen-shot and/or screen-grab process, like the windows snipping tool, from capturing desktop screen images. This feature will ensure that users cannot capture sensitive information as an image and transfer it outside. Hence it is an important aspect of DLP.
This feature will ensure that sensitive data cannot be accessed using any other application except the default application specified. Once a folder is classified as "Sensitive", its contents cannot be changed / deleted in any way. The files can be accessed using only the associated apps and any kind of editing is blocked to avoid data modification.
Screen Capturing makes it easier to take desktop screen-shots. As a business owner, it becomes crucial to be aware of the activities of employees, especially in the case of customer service or help-desk teams. Employees may work hard but to clearly understand their productivity, screen capturing gives you a detailed insight into the work being done.