Alan makes some extremely good points... The one question I would ask, which many have already alluded to is this:
Are you trying to prevent accidental data leak prevention or deliberate? The answer will necessarily affect your approach to solving this problem. *>>Sadly, the owners feel they cannot entirely rely on the loyalty of generously paid employees [with great benefits], company policies, and or legalese.* Then they are doomed. There are vary few organizations that can be successful in any way by deliberately hiring people they clearly don't trust on some level. This is not to suggest that owners and organizations should not care about intellectual property theft/loss/exposure, but that they are looking to address it in the wrong fashion, and at the wrong location. They're going to need to use a proper DLP solution with excellent auditing, combined with better HR practices, from candidate selection through onboarding through ongoing training. *ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) *Harnessing the Advantages of Technology for the SMB market... * On Thu, May 5, 2011 at 5:14 AM, Alan Davies <[email protected]>wrote: > You're using an entry level "pretend" DLP feature of an AV product to try > and do enterprise style DLP. You get what you pay for. However, something > like MIMEsweeper in your email flow would easily achieve what you desire and > could sandbox for approval rather than forbid, which is a far better > business enabler. If you want granular control over things like this and > other actions with files, then you may want to look at the full DLP suites > (deep breath for costs though!). > > > > a > > ------------------------------ > *From:* Jeff S. Gottlieb [mailto:[email protected]] > *Sent:* 04 May 2011 21:47 > > *To:* NT System Admin Issues > *Subject:* BLOCKING end-users from ATTACHING and EMAILING... > > > > We are searching for a method to BLOCK end-users from ATTACHING and > EMAILING [sensitive] docs located on a SPECIFIC FOLDER of the share. > > > > *What we have accomplished thus far:* > > 1) Using Sophos we activated “*Device* Control” preventing end-user from > coping to Storage, Network, or Short Range devices > > 2) Using Sophos we also activated “*Data* Control”… thus creating email > alerts detailing the sender /recipient, time /date, and name /location of > attachment > > 3) All documents are converted to PDF with security options that prevent > copy /paste, and printing > > 4) End-users are NOT allowed Internet access > > > > Owners are left **totally** unsatisfied with all the above, as these > measures are not preventative enough. > > Leaving any of the end-users without ability to email is NOT an option. > > Leaving a [public] workstation open, available with access to this SPECIFIC > FOLDER, and then having no email /Internet is NOT an option. > > > > These end-users are all in the CAD design department. > > Given the nature of the business, suffice-it-to-say, one drawing in email > could represent a significant loss. > > Sadly, the owners feel they cannot entirely rely on the loyalty of > generously paid employees [with great benefits], company policies, and or > legalese. > > > > Thanks in advance for any suggestions… comments. Cheers, -J > > > > > > *EMPLOYEE Supposition:* > > Surely in created the level of sophistication placed in Sophos with *Device > & Data* Control suggests that a greater need exists to protect the > employer’s intellectual property. > > Along with these concepts, the end-users themselves have become more > sophisticated and perhaps unfortunately [these days] more-willing to place > their positions on the line. > > > > I guess if we’ve done our IT job… than the end-users ONLY option is to snap > a photo using a cell-phone. > > What then will the employer do?? Add company policy to include NO CELL > PHONES?? Imagine a world AT WORK without texting, tweeting, and the > occasional personal call??? Ouch! > > > > *EMPLOYER Supposition [slave-master]:* > > Add video surveillance too!!!! :--/ > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
