Protect and secure your most sensitive data and IP
DLP serves as a vigilant guard, keeping sensitive details like customer data safe in your business
DLP monitors and controls data transfers, helping your business meet compliance and industry regulations
With a unified console, DLP simplifies data movement oversight, making it easy to maintain a secure business environment
Sensitive information typically resides within enterpise applications. These can be proprietary applications managed by the enterprise itself or 3rd party SaaS applications such as Salesforce, Office 365 and Box.
As most SaaS applications used in a typical enterprise are unsanctioned, an effective DLP solution must cover them too.
SecureTrust’s DLP is delivered as part of the Helios Cloud™ platform and provides coverage for all traffic to all enterpise assets. This includes all on-prem applications hosted in physical data centers, which most DLP solutions do not have visibility into.
In addition, SecureTrust’s DLP follows Zero Trust principles where we define DLP rules for applications and activities for which no explicit rules have been defined.
Our solution provides full DLP capabilities natively within the Helios™ Cloud SASE platform.
SecureTrust DLP has comprehensive visibility into all network traffic to detect and control sensitive data sharing. Our rich data type libraries and easy policy configuration enable compliance mandates to be efficiently met.
With zero touch deployment, enterprises can achieve organization-wide data loss prevention faster than ever.
SecureTrust has full visibility to all traffic and can easily extend control from threat prevention to data protection.
Traditional DLPs require a stand alone deployment process of agents, appliances, and services to achieve complete visibility.
SecureTrust's management application covers all DLP, SSE and SASE features from a single console with one common policy and rule engine sharing all context.
DLP typically has a separate management console or required a separate set of policies with limited context that isn’t shared with other network security functions.
Full coverage of all inline access to cloud applications, web sites, and public cloud services.
Cloud service provider DLPs and some integrated DLPs do not cover unsanctioned applications.
DLP rules are where we define the policies we want to implement. They combine the data profiles we have defined for matching sensitive information with the behavior we want to enforce the policy.
Use Case #1
The rule implementing this policy can be seen in the figure below. We can see the request to “block” defined in the Action parameter, “download” defined in the Critera: Activities, “German credit card” represented in Criteria: Profile, and “Office365” defined in the Application parameter. “Any” is defined in the Source parameter to indicate this should be applied to all sources attempting such a download.
DLP Policy for Blocking German Credit Card Information in Office 365
Use Case #2
In this case we want to allow only the R&D group to download files, so the Action parameter in the figure below will be set to “Allow’ and the Source parameter to “R&D”. Since we’re not limiting this rule ot specific applications, the Application parameter value will be “Any Application.” The Criteria: File Attribute will be set to “Content Type is source_code”, meaning the rule will be applied to this filetype, rather than any specific matching content within the file.
What is important to note in this example, is that in order for all non-R&D traffic to be blocked, we will need to add a rule blocking “Any” other source traffic. As rules are applied in their define order, all R&D traffic will be allowed to download files, while all other user types will reach the subsequent block rule.
DLP Policy for Allowing R&D users to Download Source Code Files
Use Case #3
What is unique in this case is that we want to restrict data access to users from a site in a specific location. As can be seen in the figure below. The Source parameter is set to the name of the site as defined in the enterprises’s network: “Beijing”.
DLP Policy for Blocking European PII to a Chinese Site
A simple 4 step process that takes < 10 minutes to get secure
The SecureTrust Cybersecurity Framework is designed to help organizations reduce risk and maximize the ROI of their security initiatives and is based on three key principles: