Smart way to block Uploading of Confidential Files ( Using SafeSquid's Granular DLP Module )
Posted: Wed Apr 22, 2020 12:28 pm
Hello All,
Let's First understand One of the Important Principal of Security is " Protect one's Confidential Data. "
Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.
Over here, let us first understand the need of DLP.
In any organisation, their are confidential data related to the organisation and the company does not want any user to intentionaly or unintentionally transfer this data outside the company.
Some common problem faced by companies are :
User uploading confidential documents to any anonymous upload side, email or any online website.
A Quick Google Search shows some data category in an organisation:
Intellectual Property: source code, product design documents, process documentation, internal price lists
Corporate Data: Financial documents, strategic planning documents, due diligence research for mergers and acquisitions, employee information
Customer Data: Social Security numbers, credit card numbers, medical records, financial statements
As we have now understood that company data should not be transferred outside without companies knowledge.
Therefore all uploading data should be blocked at the gateway level to enforce stringent policy in an organisation but doing so will also create problem as it will also Restrict legitimate uploading of documents.
Example: Employees need to update their information by uploading documents on Government sites.
In such situations some exceptions need to be created to allow such uploads.
But if uploads are allowed user will be able to upload any type of content to that website.
Even this is also a violation of corporate policy.
To actually create policies that apply Restrictions for users to only upload certain kind of contents on certain websites.
What benefits will you get with SafeSquid-SWG Inbuilt DLP Module?
In this Post we will be taking in depth understanding of the SafeSquid's DLP module and how to use it.
As we already know SafeSquid provides Granular policy Configuration
Which means we can make policy based upon the user, time, website etc.
In Detailed description about SafeSquid policy making is provided in below link:
**** Add link
Whenever a file is uploaded to a remote server and SafeSquid is used as the forward proxy
SafeSquid will analyse the uploaded content (Post Content) and make the necessary restrictions depending upon the DLP Configuration.
SafeSquid analysis the post content and provides the content type of the data
Example:
application/octect-stream
application/ms-word
application/msi
text/plain
DLP Configuration can be made using these content-type and if any post data /uploaded
Content matches these content types then respective action will be taken depending upon the the DLP Configuration.
In DLP Configuration we can use the Granular approach to bind a lot DLP Configuration to a specific policy ( for specific users or on specific website)
Same ways Granular policy can be made in the DLP section as well as per business requirement.
To create Stringent Policy
We can create DLP Configuration where all uploaded will be contents will be blocked and only textual contents which are used by web application to sync data will be allowed.
This helps to control the upload content in the organization.
We can further add rules in DLP section to allow specific content on specific website.
Let's First understand One of the Important Principal of Security is " Protect one's Confidential Data. "
Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.
Over here, let us first understand the need of DLP.
In any organisation, their are confidential data related to the organisation and the company does not want any user to intentionaly or unintentionally transfer this data outside the company.
Some common problem faced by companies are :
User uploading confidential documents to any anonymous upload side, email or any online website.
A Quick Google Search shows some data category in an organisation:
Intellectual Property: source code, product design documents, process documentation, internal price lists
Corporate Data: Financial documents, strategic planning documents, due diligence research for mergers and acquisitions, employee information
Customer Data: Social Security numbers, credit card numbers, medical records, financial statements
As we have now understood that company data should not be transferred outside without companies knowledge.
Therefore all uploading data should be blocked at the gateway level to enforce stringent policy in an organisation but doing so will also create problem as it will also Restrict legitimate uploading of documents.
Example: Employees need to update their information by uploading documents on Government sites.
In such situations some exceptions need to be created to allow such uploads.
But if uploads are allowed user will be able to upload any type of content to that website.
Even this is also a violation of corporate policy.
To actually create policies that apply Restrictions for users to only upload certain kind of contents on certain websites.
What benefits will you get with SafeSquid-SWG Inbuilt DLP Module?
In this Post we will be taking in depth understanding of the SafeSquid's DLP module and how to use it.
As we already know SafeSquid provides Granular policy Configuration
Which means we can make policy based upon the user, time, website etc.
In Detailed description about SafeSquid policy making is provided in below link:
**** Add link
Whenever a file is uploaded to a remote server and SafeSquid is used as the forward proxy
SafeSquid will analyse the uploaded content (Post Content) and make the necessary restrictions depending upon the DLP Configuration.
SafeSquid analysis the post content and provides the content type of the data
Example:
application/octect-stream
application/ms-word
application/msi
text/plain
DLP Configuration can be made using these content-type and if any post data /uploaded
Content matches these content types then respective action will be taken depending upon the the DLP Configuration.
In DLP Configuration we can use the Granular approach to bind a lot DLP Configuration to a specific policy ( for specific users or on specific website)
Same ways Granular policy can be made in the DLP section as well as per business requirement.
To create Stringent Policy
We can create DLP Configuration where all uploaded will be contents will be blocked and only textual contents which are used by web application to sync data will be allowed.
This helps to control the upload content in the organization.
We can further add rules in DLP section to allow specific content on specific website.