eScan Enterprise DLP - Cloud

Content-Aware Control

This superlative feature enables the administrator to monitor & control the confidential information which can be sent outside of the endpoint. The sensitive information, also termed as PII, which many a times are controlled by government regulations like GDPR, can be broadly categorized as below (new categories are constantly added & can be customized as per customer/country requirements):

• Executable files (such as .exe, .dll, or .scr)
• Aadhar Card number
• Indian Driving License number
• Indian Passport Number
• PAN Card Number
• Indian Voter ID Number
• Credit Card Numbers (RUPAY, VISA, Amex, MasterCard, Diners Club, Maestro, etc)
• International Bank Account Numbers (IBAN)

eScan Enterprise DLP filtering for above PII can be applied for various channels like:

• External Storage Devices (USB, CD/DVD, Bluetooth)
• Printers
• Network Communication

Corporate Cloud-based Email, Storage, Communication Access

There are several other ways that employees using Corporate Gmail, O365, Slack, WebEx, Dropbox, etc., for business reasons, put the company's data at risk. To avoid any possible leak, eScan Enterprise DLP provides functionality to block personal account access to Cloud-hosted services. This feature ensures that team members can only access the services using their corporate login credentials and not their personal credentials. Following Hosted Services are supported:

• Office365 or O365 (Hosted Outlook)
• Corporate Gmail
• Slack
• WebEx
• DropBox
• Teams

Email Report

Email is one of the omnipresent business communication tools that permits attachments, links, and sharing of corporate details with coworkers and customers. eScan Enterprise DLP email report provides the administrator with fine details about the recipient, attachment types, size of the email and many more. The administrator can monitor and control the leak of data through emails.

Shadow Copy of files allowed to be uploaded

This eScan Enterprise DLP feature provides copies of files which are transferred over web, email & online storage (Google Drive, OneDrive, Dropbox, etc.) With any activity of files being transferred, Shadow copies of these files can be created on the basis of recipients, sender-name and attachment size, which ensures effective monitoring of data being shared or stored.

Printer Access Control

eScan Enterprise DLP manages the printing activity of sensitive documents. Printer Access Control options can define which data can be printed on specific printers and by whom. One advantage of this technical solution is that in the event of unauthorized activity, the DLP system logs the incident, notifies the user about the risks, and can also block the print process. Potential breaches trigger alerts which are then delivered to the administrator.

Storage Access Control

Device control in eScan Enterprise DLP prevents users, endpoints, or both from using unauthorized removable media storage. eScan Enterprise DLP prevents a user from copying an item or information to removable media storage or USB device. Storage access control blocks data from being written to removable drives that aren't protected.

Peripheral Device Control

eScan Enterprise DLP protects critical data from leaving your company network through peripheral and removable devices, such as USB drives, Bluetooth devices, and recordable CDs and DVDs. Device control provides the option to monitor and control data transfers from all desktops and laptops, regardless of where users and confidential data go, even when they are not linked to the corporate network.

Wi-Fi Access Control

Wi-Fi access points come with a default SSID and password that must be updated, although default passwords are frequently kept in place. This makes it simple for an attacker to log in and take control over the router, configure settings or firmware, load malicious programs, or even change the DNS server to send all traffic to an attacker's IP address. Wi-Fi access control blocks or allows the specific Wi-Fi network to access your network based on a list of allowed Wi-Fi SSIDs (Whitelisted).

File Activity Monitoring (Local, Network, Storage Devices)

The File Activity module displays a report of the files created, copied, modified, and deleted on managed computers. Additionally, in case of misuse of any official files, the same can be tracked down to the user through the details captured in the report. The Administrator can select and filter the report based on any of the details captured.

Shadow Copy (USB File Activity)

The Shadow copy is a technology that allows you to create a copy of files which a user copies to an external USB drive. This feature allows administrators to audit files those leave the endpoint.

User Activity

User Activity lets you monitor Print, Session, Application, and File activities occurring on client computers. It also provides reports of the running applications. The Print Activity monitors and logs print commands sent by all computers. The Application Access Report gives a detailed view of all the applications accessed by computers which are part of Managed Computers. The File Activity Report displays a report of the files created, copied, modified, and deleted on managed computers.

Session Activity

This sub module monitors and logs session activities of managed computers. It displays a report of the Operation type, Date, Computer name, Group, IP address and event description. With this report, the administrator can trace the user Logon and Logoff activity, along with remote sessions that took place on all managed computers.

Print Activity

Print Activity lets you keep track of printers by adding them in a group and assigning it an alias name. The printers can be added or removed from this alias group. Print Activity monitors and logs print commands sent by all computers. It also lets you filter the logs on the basis of Computer name, Printer and/or Username. Furthermore, this module lets you export a detailed print activity report in XLS, PDF, and HTML formats.

Application Access Report

The Application Access Report module gives a detailed view of all the applications accessed by the endpoints which are part of Managed Computers. The log displays list of applications executed and the time duration for which the app was active. Options for Filtering or Exporting the log in desired formats are also present on the same interface. You will get the details of the computer name which accessed the app and duration.

IM Blocking

Cyber thefts typically happen using file transfers or inadvertent messaging, bypassing traditional gateway security. Information Exfiltration activities are done by hackers by hijacking popular Browsers and IM Apps (such as Firefox, Skype, Opera) through known vulnerabilities such as buffer overflows or boundary-condition errors. eScan Enterprise DLP IM rules will only work if the processes utilized for file transfer are the ones you are specifying in your application list while creating the rule. The IM rule provides a blanket block on all attachment and file transfers through Instant Messenger applications.

Screen Capture

Screen Capturing makes it easier to take desktop screen-shots. As a business owner, it becomes crucial to be aware of the activities of employees, especially in the case of customer service or help-desk teams. Employees may work hard but to clearly understand their productivity, screen capturing gives you a detailed insight into the work being done.

Disable (Copy / Paste / Drag / Drop)

For a device, once data is copied into the clipboard by any app, it can also be accessed from any other app. With Copy/Paste option disabled, a user is prohibited from copying any information to the clipboard.

File and Folder Encryption

The DLP file and folder encryption protects sensitive and confidential data from unauthorized access and data leak. It provides an advanced level of password protection to your important files/folders.

Application Control

Application Control feature lets you block unwanted applications from being executed on Endpoints. This helps the admin to control the execution of applications on endpoints. Also, eScan Enterprise DLP enforces the application control policy to provide continuous monitoring of systems to prevent security breaches, data leak, and outages.

Network Access Control

eScan Enterprise DLP Network Access Control helps an organization to control access of shared network drives and folders. This feature provides a granular read-only or full access of individual shares, there by controlling confidential data access and modification.

Disable Print Screen

This will block any screen-shot and/or screen-grab process, like windows snipping tool, from capturing desktop screen image. This feature will ensure that users cannot capture sensitive information as an image and transfer it outside. Hence it is an important aspect of DLP.

Sensitive File Protection

This feature will ensure that sensitive data cannot be accessed using any other application except the default application specified. Once a folder is classified as "Sensitive", its contents cannot be changed / deleted in any way. The files can be accessed using only the associated apps and any kind of editing is blocked to avoid data modification.