For the Teams Share File product here at Citrix, I am happy to announce that Share File Enterprise now supports integration with third-party data loss prevention (DLP) products. This new feature works with your existing File Share to recognize DLP infrastructure when sensitive content added and allows you to access and sharing limit, based on the results of the DLP scan.
This new integration is ideal for businesses, especially those in highly regulated industries, be the need to be able to control file sharing, based on the content in the files themselves. It allows you to release restrictions observed per company policies to enforce strict security and compliance regulations and requirements. Share File Enterprise DLP integration is now available as a feature of Storage Zones Controller 3.2.
In this post I will explain how it works and how to configure it to your account Share File.
support for existing foreign DLP systems
We wanted to let your existing DLP infrastructure leverage, so Share File the standard ICAP protocol to interact with third-party DLP solutions.
A few popular ICAP used compliant DLP solutions include:
- Symantec Data Loss Prevention
- McAfee DLP Prevent
- Websense TRITON AP- dATA
- RSA data loss Prevention [1945008[
If you are already using one of the above solutions for scanning of outgoing e-mail attachments or web traffic for sensitive data, you can Share File Storage Zones controller point to the same server when you should consider adding dedicated ICAP server for data processing Share File, if you expect the load to be significant.
How to Enable Data Loss Prevention in Share File
to Data Loss Prevention to activate on your Share File account, you must
- Enabling DLP capabilities in the Share file account
- Enabling DLP on your Storage Zones controller server
- Configure the permitted actions for each file classification [1945008:dreiSchritteauszuführen]
These steps in detail below in describes the sections.
1. Activate DLP capabilities in the Share File Account
Send us an email to support@sharefile.com on request or confirm that your Share File subdomain for Data loss Prevention is enabled. That was easy!
2. Activate DLP on your Storage Zones controller server
Next, install or upgrade controller on Storage Zones version 3.2 or higher. When you create the storage zone or change, you will see a new option see Enabling DLP Integration:
that control the field and the enter ICAP address your DLP server in the ICAP REQMOD URL field. if your DLP server dlp-server.company.com is For example, enter the following into the ICAP REQMOD URL field:
icap: //dlp-server.company.com: 1344 / REQMOD
Click Save or register and your storage area will begin on the DLP server for processing to send any new files. From this point on each version of each of these storage zone uploaded file for sensitive content will be scanned. Your DLP administrator will now look at each sensitive content have to make their way into your File Share account and could creatively with alerts or incidents on the DLP-side.
3. Control access based on scan results DLP
Finally, configure settings, such as the normal exchange and download behavior for files on their DLP classification is based restrict. Think has configured DLP as a judge, the veto power on the normal permissions in Share File.
If, for example, share a document, a user still choose anonymous access could block out even if the DLP settings would allow to share them it anonymously. But when the user attempts to share a confidential file in a way that would violate the DLP settings, the judge intervenes and prevents them from doing so.
to configure the settings in DLP Share File, log on as an administrator account and Admin > Data Loss Prevention . Here is where the exchange and download privileges for three data classifications are configured:
- Scanned: OK - files that have been scanned by a DLP system, and passed OK [1945007[ scanned: Rejected - files that have been scanned by a DLP system and were found sensitive data contained
- unscanned - files that are still did not scan it because the DLP server is not available or because they in a storage area where DLP is not enabled is.
Setting for each data classification, you different access and sharing limitations. For each category, select the Share File Administrator to enable the actions:
- The employee can file
- 3rd party client users download or share can to share the file
- Anonymous users can download the file
to display the above image as an example, would Share file, but still allows for internal cooperation the company's employees as standard allow -Safety only sharing unverified files. Files that have been scanned from DLP and may contain not found sensitive content to be shared with employees, third parties and even anonymous recipient. But all the files that have been marked as containing sensitive content through the DLP system, can not be shared, and only the owner of the file or other employees would explicitly added to a folder have the option to download the file. However
You can adjust the allowed actions see fit. But be careful, if you change these settings, as they may have broad and immediate impact on how users interact with Share File. So if you are ready system to start protecting your data Share File with your existing DLP, Download Storage Zones Controller 3.2 and get started.
In summary
Share File is a powerful service that can be fully integrated with the existing security infrastructure and strategies. Enforcing data security policies for sensitive and confidential information of Share File with existing DLP Integration to restrict (Data Loss Prevention) systems for document sharing is based on the DLP classification of the file. Share File integrates with popular DLP systems (Symantec Data Loss Prevention McAfee DLP Prevent, Websense TRITON AP-DATA, RSA Data Loss Prevention and other) for Customer-Managed Storage Zone implementations only. Companies, especially those in heavily regulated industry need to control file sharing, be based on the position to enforce the content in the files themselves sharing restrictions per company guidelines.
About Share File
Citrix Share File, secure data synchronization and sharing service with flexible storage options allow IT to mobilize all enterprise data. Share File enables mobile productivity with read-write access to the data, workflow and collaboration, enables users to securely share any files, and synchronize files across all their devices. With Share File, it is given the flexibility to store data in the optimal locations compliance and data ownership to be needs and mobile access to network shares, SharePoint, onedrive offer for business and ECM system. Share File provides an intuitive experience for users, while the IT with the security and control.
0 Komentar